9 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-44691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files e.g. .theia/tasks.json, .vscode/tasks.json could be executed without...
[Eclipse Theia] Arbitrary Command Execution via Untrusted Workspace Task Definitions
In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files e.g. .theia/tasks.json, .vscode/tasks.json could be executed without requiring workspace trust. An attacker could craft a malicious repository that, when cloned and opened in Theia, leads to execution of arbitra...
EUVD-2026-37901
In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files e.g. .theia/tasks.json, .vscode/tasks.json could be executed without requiring workspace trust. An attacker could craft a malicious repository that, when cloned and opened in Theia, leads to execution of arbitra...
CVE-2026-26225
Intego Personal Backup, a macOS backup utility that allows users to create scheduled backups and bootable system clones, contains a local privilege escalation vulnerability. Backup task definitions are stored in a location writable by non-privileged users while being processed with elevated...
Intego Personal Backup 后置链接漏洞
Intego Personal Backup is a backup tool developed by the Intego company. Intego Personal Backup has a post-installation vulnerability that stems from the fact that backup task definitions are stored in a location that can be written to by non-privileged users. However, these tasks are processed...
XiaoCMS backend has arbitrary file read vulnerability
XiaoCms is a web content management system, provides enterprise building system, station system. An arbitrary file read vulnerability exists in the XiaoCMS backend. An attacker can exploit the vulnerability to read task files...
Logic design vulnerability in CSCMS Skin.php file
Cheng's CMS content management system referred to as CSCMS is a multi-functional network information management system developed by Chongsheng Network Technology. A logical design vulnerability exists in the CSCMS Skin.php file. The vulnerability is due to unfiltered processing of user-supplied...
Arbitrary File Deletion Vulnerability in MetInfo Version 5.3.18 Backend
MetInfo is a Content Management System CMS developed using PHP and Mysql. An arbitrary file deletion vulnerability exists in a function in MetInfo version 5.3.18 physical.php. An attacker can exploit this vulnerability to delete task files...
vixie-cron symbolic links information leak
During editing synbolic links are not checked, allowing to read tasf files of different users...