7 matches found
CVE-2026-28457
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
EUVD-2026-9905
OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in sandbox skill mirroring must be enabled that uses the skill frontmatter name parameter unsanitized when copying skills into the sandbox workspace. Attackers who provide a crafted skill package with traversal sequences...
Malicious code in parrot-skill (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8af0781e79293b12105ef0ec6cbbb0dd5eed09aa1d6b2f82040c0ffdb5017f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SIMATIC eaSie PCS 7 Skill Package (6DL5424- 0BX00-0AV8) Arbitrary File Download Vulnerability
SIMATIC eaSie is the digital assistant automation concept for Siemens Automation and Process Control Technology, "Totally Integrated Automation". SIMATIC eaSie PCS 7 Skill Package 6DL5424- 0BX00-0AV8 arbitrary file download vulnerability can be exploited by an attacker to read arbitrary files...
CVE-2021-42022
A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package All versions V21.00 SP3. When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the...
CVE-2021-42022
A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package All versions V21.00 SP3. When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the...
Siemens SIMATIC PCS 7 路径遍历漏洞
SIMATIC eaSie is the digital assistant automation concept for Siemens Automation and Process Control Technology, "Totally Integrated Automation". SIMATIC eaSie PCS 7 Skill Package 6DL5424- 0BX00-0AV8 arbitrary file download vulnerability can be exploited by an attacker to read arbitrary files...