CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20838 matches found

RedhatCVE•added 2026/02/19 2:10 p.m.•3 views

CVE-2019-25355

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal...

8.7CVSS5.5AI score0.01206EPSS

Exploits1References2

RedhatCVE•added 2026/02/19 1:28 p.m.•6 views

CVE-2026-2426

The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'file' parameter in the file deletion functionality. This is due to insufficient validation of user-supplied file paths, allowing directory traversal sequences. This make...

6.5CVSS6.6AI score0.01252EPSS

Exploits0References1

The Hacker News•added 2026/02/19 11:55 a.m.•9 views

From Exposure to Exploitation: How AI Collapses Your Response Window

We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay do...

6.2AI score

Exploits0

RedhatCVE•added 2026/02/19 7:28 a.m.•3 views

CVE-2026-2419

The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'downloadpath' configuration parameter. This is due to insufficient validation of the download path setting, which allows directory traversal sequences to bypass the...

2.7CVSS5.7AI score0.00718EPSS

Exploits0References1

Positive Technologies•added 2026/02/19 12:0 a.m.•4 views

PT-2026-20875

Summary An issue in Kata with Cloud Hypervisor allows a user of the container to modify the file system used by the Guest micro VM ultimately achieving arbitrary code execution as root in said VM. The current understinding is this doesn’t impact the security of the Host or of other containers / V...

5.2CVSS6.2AI score

Exploits0References5

Tenable Nessus•added 2026/02/19 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2019-25355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal...

8.7CVSS8.4AI score0.01206EPSS

Exploits1References2

NVD•added 2026/02/18 10:16 p.m.•4 views

CVE-2019-25352

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

8.7CVSS0.00765EPSS

Exploits0References4

NVD•added 2026/02/18 10:16 p.m.•9 views

CVE-2019-25355

8.7CVSS0.01206EPSS

Exploits1References4

OSV•added 2026/02/18 10:16 p.m.•2 views

CVE-2019-25355

7.5CVSS7.3AI score

Exploits0References4

OSV•added 2026/02/18 10:16 p.m.•3 views

DEBIAN-CVE-2019-25355

7.5CVSS5.6AI score0.01206EPSS

Exploits1References1

UbuntuCve•added 2026/02/18 10:16 p.m.•5 views

CVE-2019-25355

8.7CVSS7.2AI score0.01206EPSS

Exploits1References5

OSV•added 2026/02/18 10:16 p.m.•3 views

UBUNTU-CVE-2019-25355

8.7CVSS7.3AI score0.01206EPSS

Exploits1References6

CVE•added 2026/02/18 9:55 p.m.•37 views

CVE-2019-25355

CVE-2019-25355 affects gSOAP 2.8, where an unauthenticated attacker can perform HTTP path traversal to access sensitive files (e.g., /etc/passwd) by sending crafted GET requests with multiple "../" sequences. Root cause is directory traversal in the HTTP path handling. Documented impact indicates...

8.7CVSS5.5AI score0.01206EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/02/18 9:55 p.m.•3 views

CVE-2019-25355 Genivia gSOAP 2.8 - 'gSOAP' Path Traversal

8.7CVSS5.5AI score0.01206EPSS

Exploits1References4

Cvelist•added 2026/02/18 9:55 p.m.•27 views

CVE-2019-25355 Genivia gSOAP 2.8 - 'gSOAP' Path Traversal

8.7CVSS0.01206EPSS

Exploits1References4

Cvelist•added 2026/02/18 9:54 p.m.•25 views

CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

8.7CVSS0.00765EPSS

Exploits0References4

Vulnrichment•added 2026/02/18 9:54 p.m.•3 views

CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

8.7CVSS5.6AI score0.00765EPSS

Exploits0References4

CVE•added 2026/02/18 9:54 p.m.•10 views

CVE-2019-25352

Crystal Live HTTP Server 6.01 exposes a directory traversal vulnerability allowing remote attackers to access sensitive files by manipulating URL path segments with multiple ../ sequences. Affected component is the server’s handling of URL paths, enabling navigation outside the web root and poten...

8.7CVSS5.6AI score0.00765EPSS

Exploits0References4

Snyk•added 2026/02/18 5:44 p.m.•1 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the sendBlueBubblesMedia function. An attacker can access and exfiltrate arbitrary files from the local filesystem by supplying crafted paths to the mediaPath...

8.7CVSS6.6AI score0.00292EPSS

Exploits0References2

Snyk•added 2026/02/18 5:38 p.m.•4 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the browser control API's handling of output paths for trace and download files. An attacker can write files to arbitrary locations on the filesystem by supplying...

9.1CVSS6.6AI score0.00425EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by