52 matches found
CVE-2026-43616
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive...
CVE-2026-43616 Detect-It-Easy < 3.21 Path Traversal Arbitrary File Write
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive...
CVE-2026-43616
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive...
EUVD-2026-27081
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive...
DIE-engine 安全漏洞
DIE-engine is a file type detection and reverse analysis tool developed by Hors’ individual developer. Versions of DIE-engine prior to 3.21 contained security vulnerabilities. These vulnerabilities were caused by path traversal attacks, allowing attackers to write arbitrary files into the file...
CVE-2026-2244
A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No...
Google Cloud Vertex AI Workbench 安全漏洞
Google Cloud Vertex AI Workbench is a cloud-based integrated development environment provided by Google, Inc. There is a security vulnerability in Google Cloud Vertex AI Workbench, which allows attackers to exploit the built-in startup scripts to steal valid Google Cloud access tokens from other...
MiracleLinux 7 : postgresql-9.2.23-3.el7 (AXSA:2017-2464:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2464:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...
CVE-1999-0411
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access...
CVE-2025-65885
An issue was discovered in the Delight Custom Firmware CFW for Nokia Symbian Belle devices on Nokia 808 Delight v1.8, Nokia N8 Delight v6.7, Nokia E7 Delight v1.3, Nokia C7 Delight v6.7, Nokia 700 Delight v1.2, Nokia 701 Delight v1.1, Nokia 603 Delight v1.0, Nokia 500 Delight v1.2, Nokia E6 Delig...
CVE-2025-65885
An issue was discovered in the Delight Custom Firmware CFW for Nokia Symbian Belle devices on Nokia 808 Delight v1.8, Nokia N8 Delight v6.7, Nokia E7 Delight v1.3, Nokia C7 Delight v6.7, Nokia 700 Delight v1.2, Nokia 701 Delight v1.1, Nokia 603 Delight v1.0, Nokia 500 Delight v1.2, Nokia E6 Delig...
CVE-2025-65885
An issue was discovered in the Delight Custom Firmware CFW for Nokia Symbian Belle devices on Nokia 808 Delight v1.8, Nokia N8 Delight v6.7, Nokia E7 Delight v1.3, Nokia C7 Delight v6.7, Nokia 700 Delight v1.2, Nokia 701 Delight v1.1, Nokia 603 Delight v1.0, Nokia 500 Delight v1.2, Nokia E6 Delig...
CVE-2025-65885
An issue was discovered in the Delight Custom Firmware CFW for Nokia Symbian Belle devices on Nokia 808 Delight v1.8, Nokia N8 Delight v6.7, Nokia E7 Delight v1.3, Nokia C7 Delight v6.7, Nokia 700 Delight v1.2, Nokia 701 Delight v1.1, Nokia 603 Delight v1.0, Nokia 500 Delight v1.2, Nokia E6 Delig...
CVE-2018-25148
Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges,...
CVE-2018-25148
CVE-2018-25148 affects Microhard Systems IPn4G 1.1.0. The admin interface contains multiple authenticated remote code execution vulnerabilities that allow an authenticated attacker to create crontab jobs and modify system startup scripts. Attackers can execute arbitrary commands with root privile...
Microhard Systems IPn4G 安全漏洞
Microhard Systems IPn4G is a cellular wireless gateway from Microhard Canada. A security vulnerability exists in Microhard Systems IPn4G version 1.1.0, which stems from multiple authenticated remote code execution vulnerabilities in the management interface that could lead to the creation of...
PT-2025-53368
Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges,...
EUVD-1999-0411
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-1131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this scrip...
CVE-2025-1131
A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...