30 matches found

OSV
added 2026/03/06 3:1 a.m. | 2 views

MGASA-2026-0050 Updated python-django packages fix security vulnerability

Potential incorrect permissions on newly created file system objects. CVE-2026-25674...

CVSS 3.7 | AI score 5.9 | EPSS 0.0001
Exploits: 0 | References: 3
CNVD
added 2025/12/25 12:0 a.m. | 1 views

Kentico Xperience Information Disclosure Vulnerability

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...

CVSS 5.3 | AI score 5.9 | EPSS 0.0004
Exploits: 0 | References: 1
EUVD
added 2025/12/18 9:31 p.m. | 2 views

EUVD-2025-204347

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

CVSS 5.3 | AI score 5.5 | EPSS 0.0004
Exploits: 0 | References: 3
NVD
added 2025/12/18 8:15 p.m. | 1 views

CVE-2019-25230

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

CVSS 5.3 | EPSS 0.0004
Exploits: 0 | References: 2
OSV
added 2025/12/18 8:15 p.m. | 0 views

CVE-2019-25230

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

CVSS 4.3 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 2
Vulnrichment
added 2025/12/18 7:53 p.m. | 1 views

CVE-2019-25230 Kentico Xperience <= 12.0.0 User Widget Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

CVSS 5.3 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 2
CNNVD
added 2025/12/18 12:0 a.m. | 1 views

Kentico Xperience Security Vulnerability

Kentico Xperience is a digital experience platform from Kentico. Kentico Xperience suffers from an information disclosure vulnerability that originates in the Live Site Part Properties dialog box that could disclose sensitive system objects and can be exploited by an attacker to cause unauthorize...

CVSS 5.3 | AI score 5.8 | EPSS 0.0004
Exploits: 0 | References: 2
Positive Technologies
added 2025/12/18 12:0 a.m. | 1 views

PT-2025-52296

An information disclosure vulnerability in Kentico Xperience allows authenticated users to view sensitive system objects through the live site widget properties dialog. Attackers can exploit this vulnerability to access unauthorized system information without proper access controls...

CVSS 5.3 | AI score 6 | EPSS 0.0004
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2012-5828

Malware in sbrugna...

CVSS 6.4 | AI score 8.6 | EPSS 0.00278
Exploits: 0 | References: 5
Github Security Blog
added 2024/11/27 6:34 p.m. | 19 views

Jenkins Filesystem List Parameter Plugin has Path Traversal vulnerability

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter. This allows attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system. Filesystem List Parameter Plugin 0.0.15 ensur...

CVSS 4.3 | AI score 6.9 | EPSS 0.01476
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2024/11/27 5:15 p.m. | 0 views

CVE-2024-54004

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 1
NVD
added 2024/11/27 5:15 p.m. | 16 views

CVE-2024-54004

Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system...

CVSS 4.3 | EPSS 0.01476
Exploits: 0 | References: 1
CNNVD
added 2022/07/11 12:0 a.m. | 1 views

cilantro Path Traversal Vulnerability

cilantro is an open source task runner from Deutsches Archäologisches Institut in Germany, designed to manage long-running distributed jobs that operate on file system objects. cilantro version 0.0.4 and earlier contain a security vulnerability that stems from Flask's sendfile...

CVSS 9.3 | AI score 8.2 | EPSS 0.00432
Exploits: 1 | References: 2
Veracode
added 2020/04/10 12:53 a.m. | 28 views

Arbitrary Code Execution

java is vulnerable to arbitrary code execution. The vulnerability exists as the flaws in the CORBA implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects...

CVSS 10 | AI score 4.7 | EPSS 0.07207
Exploits: 0 | References: 30 | Affected Software: 1
Debian CVE
added 2019/11/26 3:34 a.m. | 22 views

CVE-2011-3632

Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks...

CVSS 7.1 | AI score 7.2 | EPSS 0.00132
Exploits: 2
OpenVAS
added 2018/08/20 12:0 a.m. | 12 views

Microsoft Windows: Audit Authorization Policy Change

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winauthorizationpolicychange.nasl 11068 2018-08-21 11:51:41Z emoss $ Check value for Audit Authorization Policy Change Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...

AI score 7.3
Exploits: 0
OpenVAS
added 2018/06/12 12:0 a.m. | 9 views

Microsoft Windows: System objects: Strengthen default permissions of internal system objects

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winsodefaultperminternal.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for System objects: Strengthen default permissions of internal system objects Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks...

AI score 7.3
Exploits: 0
OpenVAS
added 2018/06/12 12:0 a.m. | 11 views

Microsoft Windows: System objects: Require case insensitivity for non-Windows subsystems

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winsocaseinsensitivesubsystems.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for System objects: Require case insensitivity for non-Windows subsystems Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks...

AI score 7.3
Exploits: 0
OSV
added 2018/05/02 1:29 p.m. | 2 views

CVE-2018-5516

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.0.2-2.3.0, authenticated users granted TMOS Shell (tmsh) access can access objects on the file syste...

CVSS 4.7 | AI score 5.8
Exploits: 0 | References: 3
CNVD
added 2018/05/02 12:0 a.m. | 2 views

Multiple F5 Products TMOS Shell Information Disclosure Vulnerability

F5 BIG-IP LTM and others are products of F5 Corporation, USA. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. TMOS Shell (tmsh) is one of the command line tools. A security vulnerability exists in the TMOS Shell in several F5 products. An attacker could...

CVSS 4.7 | AI score 6.6 | EPSS 0.00115
Exploits: 0 | References: 1