Gotenberg 安全漏洞

Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg prior to 8.30.0 contained security vulnerabilities. These vulnerabilities stemmed from the ability to bypass the blacklist for ExifTool...

CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

OpenClaw path traversal vulnerability (CNVD-2026-16057)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to weaken bound source isolation by symbolically linking the parent directory to bypass the allowed root directory and prevent path...

OpenClaw 路径遍历漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to weaken bound source isolation by symbolically linking the parent directory to bypass the allowed root directory and prevent path...

Parallels Desktop 安全漏洞

Parallels Desktop is a suite of virtual machine software for the macOS platform from US-based Parallels, Inc. A security vulnerability exists in Parallels Desktop for Mac version 20.1.1, which stems from a symbolic linking issue in the Snapshot feature that could lead to elevated privileges...

Samsung Magician for MacOS Privilege Escalation (CVE-2024-31952)

Samsung Magician versions 8.1.0 are vulnerable to a privilege escalation vulnerability due to issues with symbolic linking in the files used during the installation process allowing an attacker to escalate privileges through arbitrary file permission writes. Note that Nessus has not tested for th...

Apple TV < 7.0.3 Multiple Vulnerabilities

According to its banner, the remote Apple TV device is a version prior to 7.0.3. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist, related to the included version of WebKit, that allow application crashes or arbitrary code execution...

APPLE-SA-2015-01-27-1 Apple TV 7.0.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-1 Apple TV 7.0.3 Apple TV 7.0.3 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...