786 matches found
Automation Anywhere Automation 360 - Server-Side Request Forgery
Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. id: CVE-2024-6922 info: name: Automation Anywhere Automation 360 - Server-Side Request Forgery author: DhiyaneshDK severity: high description: | Automation Anywhere Automation 360 v21-v...
[SECURITY] Fedora 44 Update: moby-engine-29.6.0-1.fc44
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between =E2=80=94 and...
PT-2026-50780
Name of the Vulnerable Software and Affected Versions nanobot versions prior to 0.1.5.post4 Description The WhatsApp bridge in bridge/src/whatsapp.ts constructs a filesystem path using the fileName field from an incoming WhatsApp document message without sanitization. The bridge downloads media...
EUVD-2025-210155
An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...
CVE-2025-68713
An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...
CVE-2025-68713
Rakuten Send Anywhere for Android (com.estmob.android.sendanywhere, version 23.2.9) is affected. A vulnerability allows untrusted applications with no permissions to trigger arbitrary file downloads into the app’s scoped storage, with downloaded items appearing in the app’s trusted Received inter...
CVE-2025-68713
An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...
CVE-2019-25714
CVE-2019-25714 affects Seeyon OA A8, with an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint. The issue allows remote attackers to write arbitrary files to the web application root by sending specially crafted POST requests containing base64-encoded pa...
CVE-2019-25714 Seeyon Office Anywhere (OA) A8 Unauthenticated Arbitrary File Write via htmlofficeservlet
Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint that allows remote attackers to write arbitrary files to the web application root by sending specially crafted POST requests with custom base64-encoded payloads. Attackers can wri...
CVE-2026-0972
HTML injection is possible in system generated emails in Fortra's GoAnywhere MFT prior to 7.10.0. Note: The title, details, and description of this CVE were corrected post-publishing...
EUVD-2025-208220
In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-69379
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload Files Anywhere: from n/a through = 2.8...
CVE-2025-69380
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload Files Anywhere: from n/a through = 2.8...
CVE-2025-69379
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload Files Anywhere: from n/a through = 2.8...
CVE-2025-69380
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload Files Anywhere: from n/a through = 2.8...
CVE-2025-69380 WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload Files Anywhere: from n/a through = 2.8...
CVE-2025-69379
CVE-2025-69379: WordPress Upload Files Anywhere plugin (WP plugin) 2.8). If you are running this plugin, monitor for updates and apply the patched release when available to mitigate unauthorized file deletion risk.
CVE-2025-69380
CVE-2025-69380 refers to WordPress Upload Files Anywhere
CVE-2025-69379 WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in vanquish Upload Files Anywhere wp-upload-files-anywhere allows Path Traversal.This issue affects Upload Files Anywhere: from n/a through = 2.8...
PT-2026-21161
Name of the Vulnerable Software and Affected Versions vanquish Upload Files Anywhere versions prior to 2.9 Description The software contains a flaw related to improper limitation of a pathname to a restricted directory, also known as a Path Traversal issue. This impacts the Upload Files Anywhere...