PT-2026-26676

ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32...

CVE-2025-34436

AVideo is affected by an IDOR in the file upload feature: versions prior to 20.1 allow any authenticated user to upload files into directories owned by other users because ownership checks are not enforced, despite authentication being required. The issue stems from lack of authorization for the ...

EUVD-2017-6592

Malware in sbrugna...

EUVD-2025-31102

Malicious code in bioql PyPI...

EUVD-2022-25479

Malicious code in bioql PyPI...

CVE-2025-36857 Rapid7 Appspider Broken Access Control Vulnerability

Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file loading mechanism, whereby an attacker can place files in directories belonging to other users or projects. Affected versions allow standard users to add custom...

CVE-2025-36857

CVE-2025-36857 — Rapid7 Appspider Pro versions prior to 7.5.021 suffer a broken access control in the configuration file loading mechanism. The issue allows a standard user to place custom configuration files in other users’ or projects’ directories, and since files are loaded in alphabetical ord...

Rapid7 AppSpider Pro 安全漏洞

Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A security vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.021 that stems from an access control flaw in the...

Linux Distros Unpatched Vulnerability : CVE-2020-15396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could...

CVE-2022-20219

In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is no...

Linux Distros Unpatched Vulnerability : CVE-2017-15131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask...

Azure CLI Credentials Gatherer

This module will collect the Azure CLI 2.0+ az cli settings files for all users on a given target. These configuration files contain JWT tokens used to authenticate users and other subscription information. Once tokens are stolen from one host, they can be used to impersonate the user from a...

SUSE CVE-2017-15131

It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux...

SUSE CVE-2017-1000391

Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...

Embedded Crowd passes sensitive paramaters in the URL when adding a new or editing an existing user directory.

h3. Issue Summary While adding a new directory or editing an existing one the embedded crowd passes directoryId, xsrfTokenName and xsrfTokenValue parameters to the URL. h3. Environment Bitbucket 6.9.X, 7.4.X, 7.5.X, 7.6.X h3. Steps to Reproduce In Bitbucket navigate to Gear Icon User Directories;...

Embedded Crowd passes sensitive paramaters in the URL when adding a new or editing an existing user directory.

h3. Issue Summary While adding a new directory or editing an existing one the embedded crowd passes directoryId, xsrfTokenName and xsrfTokenValue parameters to the URL. h3. Environment Bitbucket 6.9.X, 7.4.X, 7.5.X, 7.6.X h3. Steps to Reproduce In Bitbucket navigate to Gear Icon User Directories;...

UBUNTU-CVE-2020-15396

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root...

SSRF when adding Jira server in admin plugin

h2. Please be aware that Atlassian does not consider this issue to represent a security risk as the functionality is restricted to users with administrative rights. h3. Issue Summary When adding a Jira server in Bamboo under the "User directories" module, an attacker can put any value in the...

NewStart CGSL CORE 5.04 / MAIN 5.04 : xdg-user-dirs Vulnerability (NS-SA-2019-0026)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has xdg-user-dirs packages installed that are affected by a vulnerability: - It was found that the system umask policy is not being honored when creating XDG user directories /Desktop etc on first login. This could lead to user...

Fedora 29 : systemd (2018-c402eea18b)

Fix a local vulnerability from a race condition in chown-recursive CVE-2018-15687, 1639076 - Fix a local vulnerability from invalid handling of long lines in state deserialization CVE-2018-15686, 1639071 - Fix a remote vulnerability in DHCPv6 in systemd-networkd CVE-2018-15688, 1639067 - The DHCP...