20755 matches found

Snyk
added 2026/04/05 10:10 p.m. | 0 views

Directory Traversal

Overview: phpbb/phpbb is a Forum Software application. Affected versions of this package are vulnerable to Directory Traversal via the plupload process and the phar:// stream wrapper. An attacker can execute arbitrary code by uploading a crafted archive containing serialized PHP objects that are...

CVSS 8.8 | AI score 6.5 | EPSS 0.00183
Exploits: 0 | References: 2

Snyk
added 2026/04/05 10:8 p.m. | 1 views

Directory Traversal

Overview: griptape is a Modular Python framework for LLM workflows, tools, memory, and data. Affected versions of this package are vulnerable to Directory Traversal via the filename handling in the code-writing path used by executecodeincontainer in griptape/tools/computer/tool.py. An attacker can...

CVSS 6.5 | AI score 7.2 | EPSS 0.00422
Exploits: 0 | References: 2

Snyk
added 2026/04/05 10:8 p.m. | 3 views

Directory Traversal

Overview: griptape-tools is a Tools for the Griptape framework. Affected versions of this package are vulnerable to Directory Traversal via the filename handling in the code-writing path used by executecodeincontainer in griptape/tools/computer/tool.py. An attacker can write arbitrary files on the...

CVSS 6.5 | AI score 7.2 | EPSS 0.00422
Exploits: 0 | References: 2

EUVD
added 2026/04/05 9:30 p.m. | 3 views

EUVD-2019-20101

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | AI score 5.9 | EPSS 0.00173
Exploits: 1 | References: 4

NVD
added 2026/04/05 9:16 p.m. | 2 views

CVE-2019-25683

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | EPSS 0.00173
Exploits: 1 | References: 3

UbuntuCve
added 2026/04/05 9:16 p.m. | 3 views

CVE-2019-25683

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | AI score 5.9 | EPSS 0.00173
Exploits: 1 | References: 4

OSV
added 2026/04/05 9:16 p.m. | 1 views

UBUNTU-CVE-2019-25683

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | AI score 5.8 | EPSS 0.00173
Exploits: 1 | References: 5

ATTACKERKB
added 2026/04/05 8:45 p.m. | 1 views

CVE-2019-25683

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | AI score 5.9 | EPSS 0.00173
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2026/04/05 8:45 p.m. | 2 views

CVE-2019-25683 FileZilla 3.40.0 Denial of Service via Local Search

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | AI score 5.9 | EPSS 0.00173
Exploits: 1 | References: 3

CVE
added 2026/04/05 8:45 p.m. | 15 views

CVE-2019-25683

FileZilla 3.40.0 is reported vulnerable to a local-denial-of-service in the local search function. A crafted search directory input consisting of 384 'A' characters followed by 'BBBB' and 'CCCC' sequences can crash the application when performing a local search. CVSS data indicates local attack v...

CVSS 6.9 | AI score 5.9 | EPSS 0.00173
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2026/04/05 8:45 p.m. | 19 views

CVE-2019-25683 FileZilla 3.40.0 Denial of Service via Local Search

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | EPSS 0.00173
Exploits: 1 | References: 3

Hacker One
added 2026/04/05 8:31 p.m. | 62 views

curl: SMTP Command Injection via CRLF in libcurl MAIL_FROM / MAIL_RCPT (lib/smtp.c)

Summary: libcurl’s SMTP implementation fails to properly sanitize CRLF sequences in user-controlled inputs passed via CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT. The function smtp_parse_address (lib/smtp.c:277) extracts any data following the closing character as a raw suffix and incorporates it directly int...

AI score 6.2
Exploits: 0

Snyk
added 2026/04/05 8:7 p.m. | 0 views

Directory Traversal

Overview: griptape is a Modular Python framework for LLM workflows, tools, memory, and data. Affected versions of this package are vulnerable to Directory Traversal via the LocalFileManagerDriver file path resolution in griptape/drivers/filemanager/localfilemanagerdriver.py. An attacker can read, list...

CVSS 6.5 | AI score 7.1 | EPSS 0.00339
Exploits: 0 | References: 2

RedhatCVE
added 2026/04/05 4:58 p.m. | 4 views

CVE-2026-3666

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and...

CVSS 8.8 | AI score 6 | EPSS 0.00446
Exploits: 0 | References: 1

GithubExploit
added 2026/04/05 7:33 a.m. | 34 views

Emlog-v2.6.9-Vulnerability-Report

Emlog-v2.6.9-Vulnerability-Report CVE ID: REQUESTED D...

AI score 6.2
Exploits: 0

Positive Technologies
added 2026/04/05 12:0 a.m. | 11 views

PT-2026-30491

FileZilla 3.40.0 contains a denial of service vulnerability in the local search functionality that allows local attackers to crash the application by supplying a malformed path string. Attackers can trigger the crash by entering a crafted path containing 384 'A' characters followed by 'BBBB' and...

CVSS 6.9 | AI score 5.9 | EPSS 0.00173
Exploits: 1 | References: 4

RedhatCVE
added 2026/04/04 5:0 p.m. | 2 views

CVE-2026-35214

Budibase is an open-source low-code platform. Prior to version 3.33.4, the plugin file upload endpoint POST /api/plugin/upload passes the user-supplied filename directly to createTempFolder without sanitizing path traversal sequences. An attacker with Global Builder privileges can craft a multipa...

CVSS 8.7 | AI score 5.9 | EPSS 0.00554
Exploits: 1 | References: 1

EUVD
added 2026/04/04 12:31 p.m. | 4 views

EUVD-2026-18999

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and...

CVSS 8.8 | AI score 6 | EPSS 0.00446
Exploits: 0 | References: 3

NVD
added 2026/04/04 12:16 p.m. | 3 views

CVE-2026-3666

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and...

CVSS 8.8 | EPSS 0.00446
Exploits: 0 | References: 2

ATTACKERKB
added 2026/04/04 11:16 a.m. | 1 views

CVE-2026-3666

The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber level access and...

CVSS 8.8 | AI score 6 | EPSS 0.00446
Exploits: 0 | References: 3