GHSA-J6V5-G24H-VG4J Ferret: Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websites

Summary A path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a website that returns filenames containing ../ sequences, and uses those...

CVE-2026-22209

thingino-firmware up to commit e3f6a41 published on 2026-03-15 contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

EUVD-2022-4975

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-18849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat...

CVE-2023-43619

An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorizedkeys file...

CVE-2023-43619

An issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorizedkeys file...

Puppet allows local users to modify the permissions of arbitrary files

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorizedkeys file...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2021-1648)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Input validation

In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorizedkeys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certa...

Directory traversal

The Camera Upload functionality in Plex Media Server through 1.18.2.2029 allows remote authenticated users to write files anywhere the user account running the Plex Media Server has permissions. This allows remote code execution via a variety of methods, such as on a default Ubuntu installation...

CVE-2019-18849

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup...

CVE-2019-18849

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup...

Heap overflow

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup...

CVE-2019-18849

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup...

CVE-2019-18849

In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup...

CVE-2011-3870

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorizedkeys file...

Ubuntu Update for puppet USN-1223-2

Ubuntu Update for Linux kernel vulnerabilities USN-1223-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN12232.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for puppet USN-1223-2 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu 10.04 LTS : puppet regression (USN-1223-2)

USN-1223-1 fixed vulnerabilities in Puppet. A regression was found on Ubuntu 10.04 LTS that caused permission denied errors when managing SSH authorizedkeys files with Puppet. This update fixes the problem. We apologize for the inconvenience. It was discovered that Puppet unsafely opened files wh...

Ubuntu Update for puppet USN-1223-1

Ubuntu Update for Linux kernel vulnerabilities USN-1223-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12231.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for puppet USN-1223-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu 10.04 LTS / 10.10 / 11.04 : puppet vulnerabilities (USN-1223-1)

It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. CVE-2011-3869 Ricky Zhou discovered that Puppet did not drop privileges when creating SSH...