175 matches found
CVE-2023-53962
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to write arbitrary files through the 'upgfile' parameter in upload.cgi. Attackers can exploit the vulnerability by sending crafted multipart form-data POST requests with...
PT-2025-52699
Name of the Vulnerable Software and Affected Versions SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x Description The software contains an unauthenticated directory traversal flaw. Remote attackers can write arbitrary files by manipulating the upgfile parameter within the 'upload.cgi' script...
CVE-2025-60024
Multiple Improper Limitations of a Pathname to a Restricted Directory 'Path Traversal' vulnerabilities CWE-22 vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or...
CVE-2025-60024
Multiple Improper Limitations of a Pathname to a Restricted Directory 'Path Traversal' vulnerabilities CWE-22 vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, FortiVoice 7.0.0 through 7.0.7 may allow a privileged authenticated attacker to write arbitrary files via specifically HTTP or...
CVE-2025-10918
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk...
EUVD-2025-84339
Insecure default permissions in the agent of Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to write arbitrary files anywhere on disk...
PT-2025-46347
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 Description A security issue exists in the agent component of Ivanti Endpoint Manager that allows a locally authenticated attacker to write arbitrary files to any location on the disk due to...
EUVD-2025-35738
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine...
CVE-2025-58078
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and write files with arbitrary data on the target machine...
CVE-2025-62424
ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - 146 and earlier, the /adminarea/templateeditor.php endpoint is vulnerable to path traversal. The validation of the file-loading path is inadequate, allowing authenticated administrators to read and write arbitrary fil...
CVE-2025-62424 ClipBucket path traversal vulnerability in template editor allows arbitrary file read and write
ClipBucket is a web-based video-sharing platform. In ClipBucket version 5.5.2 - 146 and earlier, the /adminarea/templateeditor.php endpoint is vulnerable to path traversal. The validation of the file-loading path is inadequate, allowing authenticated administrators to read and write arbitrary fil...
EUVD-2019-7667
Malware in sbrugna...
EUVD-2024-51766
Malicious code in bioql PyPI...
EUVD-2022-32722
Malicious code in bioql PyPI...
EUVD-2025-20744
Malicious code in bioql PyPI...
EUVD-2022-31719
Malicious code in bioql PyPI...
EUVD-2025-7651
Malicious code in bioql PyPI...
EUVD-2024-42467
Malicious code in bioql PyPI...
EUVD-2025-2239
Malicious code in bioql PyPI...
EUVD-2021-8458
Malicious code in bioql PyPI...