110 matches found
Flowise 路径遍历漏洞
Flowise is a FlowiseAI open source tool for easily building LLM applications. A path traversal vulnerability exists in versions prior to Flowise 3.0.8, which stems from unrestricted file path access in WriteFileTool and ReadFileTool, and could lead to arbitrary file reads and writes and remote...
EUVD-2016-8379
Malware in sbrugna...
Unity Linux 20.1070e Security Update: nasm (UTSA-2025-984703)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984703 advisory. Null pointer dereference in ieeewritefile in nasm 2.16rc0 allows attackers to cause a denial of service crash. Tenable has extracted the preceding description block...
EUVD-2025-25404
Malicious code in bioql PyPI...
Symlink Traversal
n8n is vulnerable to symlink traversal. The vulnerability is due to improper handling of symbolic links in the Read/Write File node, which allows an attacker to bypass directory restrictions and read or write to otherwise inaccessible paths...
CVE-2025-57749
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the...
Symlink Attack
Overview n8n-core is a Core functionality of n8n Affected versions of this package are vulnerable to Symlink Attack via the Read/Write File node. An attacker can access restricted files by creating symbolic links that bypass directory restrictions. Remediation Upgrade n8n-core to version 1.106.0 ...
CVE-2025-57749
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the...
CVE-2025-57749 n8n has a symlink traversal vulnerability in "Read/Write File" node allows access to restricted files
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the...
CVE-2025-57749 n8n has a symlink traversal vulnerability in "Read/Write File" node allows access to restricted files
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the...
CVE-2025-57749
n8n’s Read/Write File node is affected by a symlink traversal vulnerability disclosed for versions before 1.106.0. An attacker who can create symbolic links (e.g., via the Execute Command node) could bypass directory restrictions and read from or write to otherwise inaccessible paths. The issue d...
CVE-2025-57749 n8n has a symlink traversal vulnerability in "Read/Write File" node allows access to restricted files
n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the...
GHSA-GGJM-F3G4-RWMM n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files
Impact A symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the ability to create symlinks—such as by using the...
n8n symlink traversal vulnerability in "Read/Write File" node allows access to restricted files
Impact A symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links symlinks. An attacker with the ability to create symlinks—such as by using the...
n8n 后置链接漏洞
n8n is a scalable workflow automation tool from the n8n open source. A security vulnerability exists in n8n versions prior to 1.106.0 that stems from the presence of symbolic link traversal in the Read/Write File node, which could lead to bypassing directory restrictions...
PT-2025-34160 · N8N · N8N
Name of the Vulnerable Software and Affected Versions: n8n versions prior to 1.106.0 Description: n8n is a workflow automation platform. A symlink traversal vulnerability was discovered in the Read/Write File node. The node does not properly account for symbolic links symlinks, allowing an attack...
Linux Distros Unpatched Vulnerability : CVE-2022-46457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NASM v2.16 was discovered to contain a segmentation violation in the component ieeewritefile at /output/outieee.c. CVE-2022-46457 Note that Nessus relies on the...
Google Chrome < 139.0.7258.127 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 139.0.7258.127. It is, therefore, affected by multiple vulnerabilities as referenced in the 202508stable-channel-update-for-desktop12 advisory. - Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a...
PT-2025-26091 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns an uninitialized variable use in the wil write file wmi function. A commit changed simple write to buffer to memdup user, but forgot to update the return value,...
OESA-2025-1585 nasm security update
NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax. It also provides tools in RDOFF binary format, includes linker, library manager, loader, and information dump. Security Fixes...