CVE-2026-3775

The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writab...

EUVD-2026-3657

NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows administrative users to write files to arbitrary system locations through the emoji upload API. Attackers with admin access can craft file upload requests with directory traversal to overwrite system files by...

Apache HTTP Server 安全漏洞

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A security vulnerability exists in Apache HTTP Server that can be exploited by an attacker to map URLs to file system locations th...

pgAdmin 代码问题漏洞

pgAdmin is an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 4 versions prior to 6.7, which stems from the software's inability to validate the path of a file uploaded by a user, resulting in a path traversal...

CVE-2019-13227

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker controlled...