139 matches found
Citrix SD-WAN Center - Local File Inclusion
Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this...
Canonical Multipass 安全漏洞
Canonical Multipass is a virtual instance of Ubuntu developed by Canonical OpenSource. Versions of Canonical Multipass prior to 1.16.3 contained security vulnerabilities. These vulnerabilities stemmed from incomplete fixes to CVE-2025-5199. Five auxiliary binaries were still owned and writable by...
CVE-2026-48691
FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...
PT-2026-43310
FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS PATH attribute encoder. In src/bgp protocol.hpp, the IPv4UnicastAnnounce::get attributes function computes attribute length as 'sizeofbgp as path segment element t + this-as path asns.size sizeofuint32 t' and...
CVE-2026-5271
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...
CVE-2026-5271 Possible to hijack modules in current working directory
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command e.g., pip, pytest from an attacker-controlled directory, a malicious module in that directory c...
GHSA-QVVF-Q994-X79V SiYuan importSY/importZipMd: path traversal via multipart filename enables arbitrary file write
Summary POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that enable RCE. Details...
CVE-2025-59819
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path...
CVE-2025-59819
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path...
CVE-2025-59819 Authenticated Arbitrary File Read via filepath parameter
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path...
CVE-2025-59819
The CVE-2025-59819 entries describe an authenticated arbitrary-file-read vulnerability: an attacker can supply a crafted filepath parameter that is mapped to an internal system path, enabling access to arbitrary files. Multiple sources (NVD, Red Hat, CVE list, Attackerkb, etc.) corroborate the sa...
CVE-2025-59819
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path...
CVE-2025-59819 Authenticated Arbitrary File Read via filepath parameter
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path...
PT-2026-21002
This vulnerability allows authenticated attackers to read an arbitrary file by changing a filepath parameter into an internal system path...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001820)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001820 advisory. The dofollowlink function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, whi...
CVE-2025-63695
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
EUVD-2025-198056
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
Improper Validation of Integrity Check Value
Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value due to the protocDigest parameter being ignored when the protoc executable is sourced from the system PATH. An attacker can bypass integrity verification by placing a malicious protoc binary...
EUVD-2025-34251
Argo Workflow has a Zipslip Vulnerability...
EUVD-2011-3724
Malware in sbrugna...