Total
221 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-32008 | 1 Openclaw | 1 Openclaw | 2026-03-23 | N/A | 6.5 MEDIUM |
| OpenClaw versions prior to 2026.2.21 contain an improper URL scheme validation vulnerability in the assertBrowserNavigationAllowed() function that allows authenticated users with browser-tool access to navigate to file:// URLs. Attackers can exploit this by accessing local files readable by the OpenClaw process user through browser snapshot and extraction actions to exfiltrate sensitive data. | |||||
| CVE-2026-28722 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 7.3 HIGH |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2026-28721 | 2 Acronis, Microsoft | 2 Cyber Protect, Windows | 2026-03-11 | N/A | 7.3 HIGH |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186. | |||||
| CVE-2025-48654 | 1 Google | 1 Android | 2026-03-06 | N/A | 7.8 HIGH |
| In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-44209 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2026-03-06 | N/A | 7.8 HIGH |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29051, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | |||||
| CVE-2022-23439 | 1 Fortinet | 14 Fortiadc, Fortiauthenticator, Fortiddos and 11 more | 2026-01-14 | N/A | 4.7 MEDIUM |
| A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows attacker to poison web caches via crafted HTTP requests, where the `Host` header points to an arbitrary webserver | |||||
| CVE-2024-6717 | 1 Hashicorp | 1 Nomad | 2026-01-02 | N/A | 7.7 HIGH |
| HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2. | |||||
| CVE-2025-68478 | 1 Langflow | 1 Langflow | 2026-01-02 | N/A | 7.1 HIGH |
| Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0, if an arbitrary path is specified in the request body's `fs_path`, the server serializes the Flow object into JSON and creates/overwrites a file at that path. There is no path restriction, normalization, or allowed directory enforcement, so absolute paths (e.g., /etc/poc.txt) are interpreted as is. Version 1.7.0 fixes the issue. | |||||
| CVE-2024-7625 | 1 Hashicorp | 1 Nomad | 2025-12-29 | N/A | 5.8 MEDIUM |
| In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability, CVE-2024-7625, is fixed in Nomad 1.6.14, 1.7.11, and 1.8.3. Access or compromise of the Nomad client agent at the source allocation first is a prerequisite for leveraging this vulnerability. | |||||
| CVE-2025-48598 | 1 Google | 1 Android | 2025-12-08 | N/A | 6.6 MEDIUM |
| In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2018-12381 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2025-11-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating systems are not affected.*. This vulnerability affects Firefox ESR < 60.2 and Firefox < 62. | |||||
| CVE-2023-40194 | 1 Foxitsoftware | 1 Foxit Reader | 2025-11-04 | N/A | 8.8 HIGH |
| An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-39542 | 1 Foxitsoftware | 1 Foxit Reader | 2025-11-04 | N/A | 8.8 HIGH |
| A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, which can lead to remote code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-35985 | 1 Foxitsoftware | 1 Foxit Reader | 2025-11-04 | N/A | 8.8 HIGH |
| An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted malicious site if the browser plugin extension is enabled. | |||||
| CVE-2023-49864 | 1 Wwbn | 1 Avideo | 2025-11-04 | N/A | 6.5 MEDIUM |
| An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_image` parameter. | |||||
| CVE-2023-49863 | 1 Wwbn | 1 Avideo | 2025-11-04 | N/A | 6.5 MEDIUM |
| An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_webpimage` parameter. | |||||
| CVE-2023-49862 | 1 Wwbn | 1 Avideo | 2025-11-04 | N/A | 6.5 MEDIUM |
| An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_gifimage` parameter. | |||||
| CVE-2025-0111 | 1 Paloaltonetworks | 1 Pan-os | 2025-11-04 | N/A | 6.5 MEDIUM |
| An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software. | |||||
| CVE-2024-10979 | 1 Postgresql | 1 Postgresql | 2025-11-03 | N/A | 8.8 HIGH |
| Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | |||||
| CVE-2022-27593 | 1 Qnap | 2 Photo Station, Qts | 2025-11-03 | N/A | 10.0 CRITICAL |
| An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later | |||||