157 matches found
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation in the metadata field processing. An attacker can rename, move, or change permissions of files within the container by submitting specially crafted tag names such as System:FileName, System:Directory, or...
SiYuan has an Incomplete Fix for IsSensitivePath Denylist Allows File Read from /opt, /usr, /home (GHSA-h5vh-m7fg-w5h6 Bypass)
Summary The IsSensitivePath function in kernel/util/path.go uses a denylist approach that was recently expanded GHSA-h5vh-m7fg-w5h6, commit 9914fd1 but remains incomplete. Multiple security-relevant Linux directories are not blocked, including /opt application data, /usr local configs/binaries,...
CVE-2026-28267
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...
EUVD-2026-10404
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...
CVE-2026-28267
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...
CVE-2026-28267
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...
PT-2026-24143
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...
Code-Projects Police Station Management System Security Vulnerabilities
Code-Projects Police Station Management System is an open-source police station management system developed by Code-Projects. The Code-Projects Police Station Management System has a security vulnerability that can be exploited by absolute path traversal attacks, which may lead to the enumeration...
Owlfiles 路径遍历漏洞
Owlfiles is a file manager from Owlfiles, Inc. A path traversal vulnerability exists in Owlfiles version 12.0.1, which stems from a path traversal vulnerability in the built-in HTTP server that could lead to accessing system directories...
PT-2025-52564
Name of the Vulnerable Software and Affected Versions Versa SASE Client for Windows versions 7.8.7 through 7.9.4 Description The software contains a local privilege escalation issue in the audit log export functionality. The client sends user-controlled file paths to a privileged service, which...
CVE-2023-53937 Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application...
JeecgBoot Path Traversal Vulnerability
JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot has a path traversal vulnerability that stems from a path traversal vulnerability in the interface...
GHSA-P84V-GXVW-73PF Argo Workflow has a Zipslip Vulnerability
Vulnerability Description Vulnerability Overview 1. During the artifact extraction process, the unpack function extracts the compressed file to a temporary directory /etc.tmpdir and then attempts to move its contents to /etc using the rename system call, 2. However, since /etc is an already...
EUVD-2010-0922
Malware in sbrugna...
EUVD-2007-2459
Malware in sbrugna...
EUVD-2007-2070
Malware in sbrugna...
EUVD-2020-25185
Malware in sbrugna...
EUVD-2007-3215
Malware in sbrugna...
EUVD-2020-20150
Malware in sbrugna...
EUVD-2022-29679
Malicious code in bioql PyPI...