4 matches found
CVE-2026-56377
ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries...
GHSA-F7XC-5852-FJ99 Saloon has a Fixture Name Path Traversal Vulnerability
Impact Users with MockResponse fixtures that use path traversal. Patches Upgrade to Saloon v4+ Upgrade guide: https://docs.saloon.dev/upgrade/upgrading-from-v3-to-v4 Description Fixture names were used to build file paths under the configured fixture directory without validation. A name containin...
EUVD-2025-202288
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required...
CVE-2025-13661
Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required...