10 matches found
CVE-2026-33309 Langflow has an Arbitrary File Write (RCE) via v2 API
Langflow is a tool for building and deploying AI-powered agents and workflows. Versions 1.2.0 through 1.8.1 have a bypass of the patch for CVE-2025-68478 External Control of File Name, leading to the root architectural issue within LocalStorageService remaining unresolved. Because the underlying...
CVE-2023-32273
Stack-based buffer overflow vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. This vulnerability is different from CVE-2023-32538 and CVE-2023-32201...
The vulnerability of the filesystem.renamer() function in the SABnzbd news reader software, which is related to errors in handling relative pathnames for directories, allows attackers to compromise data integrity.
The vulnerability of the filesystem.renamer function in the SABnzbd news reader program is related to errors in handling relative pathnames for directories. Exploiting this vulnerability could allow a malicious actor to manipulate data integrity through the use of a malicious PAR2 file...
KDU
This is a Windows driver code, specifically a device driver for a fictional device called "DUMMYDRV". The code is written in C and is compiled into a Windows driver executable. The code consists of two parts: dummy.sys and dummy2.sys. Both files are Windows driver executables, but they have...
DEBIAN-CVE-2021-29488
SABnzbd is an open source binary newsreader. A vulnerability was discovered in SABnzbd that could trick the filesystem.renamer function into writing downloaded files outside the configured Download Folder via malicious PAR2 files. A patch was released as part of SABnzbd 3.2.1RC1. As a workaround,...
Foxit Studio Photo Information Disclosure Vulnerability (CNVD-2020-59768)
Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. An information disclosure vulnerability exists in the handling of SR2 files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied...
PT-2019-4352
Name of the Vulnerable Software and Affected Versions GNU Libc affected versions not specified Description The issue is related to the libld component of the GNU Libc library, which provides system calls and basic functions. It is associated with insufficient input validation, allowing a remote...
DEBIAN-CVE-2019-1788
A vulnerability in the Object Linking & Embedding OLE2 file scanning functionality of Clam AntiVirus ClamAV Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of prope...
ZOHO ManageEngine Password Manager Pro Cross-Site Scripting Vulnerability
ZOHO ManageEngine Password Manager Pro PMP is a set of password management software from ZOHO. The software can record general password information, website login passwords, software registration codes and Email account passwords. A cross-site scripting vulnerability exists in the SearchResult.ec...
DEBIAN-CVE-2016-9373
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private...