21015 matches found

CVE
added 2025/08/19 5:46 p.m. · 17 views

CVE-2025-55295

CVE-2025-55295 is a path traversal flaw in qBit Manage’s web API. Authenticated users can bypass directory restrictions via the backup_id parameter in the restore_config_from_backup endpoint, allowing reading of arbitrary server files. The issue affects qBit Manage prior to version 4.5.4. The fix...

CVSS 6.5 · AI score 6.8 · EPSS 0.00458
Exploits: 0 · References: 2

OSV
added 2025/08/19 5:46 p.m. · 5 views

CVE-2025-55295 qBit Manage Path Traversal Vulnerability

qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restore_config_from_backup endpoint. The vulnerability...

CVSS 6.5 · AI score 6.4 · EPSS 0.00458
Exploits: 0 · References: 4

Vulnrichment
added 2025/08/19 5:46 p.m. · 6 views

CVE-2025-55295 qBit Manage Path Traversal Vulnerability

qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbitmanage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restore_config_from_backup endpoint. The vulnerability...

CVSS 6.5 · AI score 6.8 · EPSS 0.00458
Exploits: 0 · References: 2

Veracode
added 2025/08/19 10:35 a.m. · 4 views

Path Traversal

github.com/traefik/traefik is vulnerable to path traversal. The vulnerability is due to improper validation of file paths in the WASM plugin installation mechanism, which allows an attacker to supply a malicious ZIP archive with ../ sequences to overwrite arbitrary files on the system...

CVSS 9.8 · AI score 7.1 · EPSS 0.01035
Exploits: 0 · References: 7 · Affected Software: 1

Positive Technologies
added 2025/08/19 12:0 a.m. · 6 views

PT-2025-33819 · Unknown · Qbit Manage

Name of the Vulnerable Software and Affected Versions: qBit Manage versions prior to 4.5.4
Description: A path traversal vulnerability exists in qBit Manage's web API that allows authenticated users to read arbitrary files from the server filesystem. The vulnerability is located in the restore...

CVSS 6.5 · AI score 7 · EPSS 0.00458
Exploits: 0 · References: 6

SUSE CVE
added 2025/08/18 11:22 p.m. · 3 views

SUSE CVE-2025-54389

AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamp...

CVSS 6.2 · AI score 6.6 · EPSS 0.0021
Exploits: 1 · References: 7

Snyk
added 2025/08/18 5:41 p.m. · 3 views

Directory Traversal

Overview: copier is a library for rendering project templates. Affected versions of this package are vulnerable to Directory Traversal via the rendering process when generating a directory structure whose rendered path is either a relative parent path or an absolute path. An attacker can...

CVSS 7.1 · AI score 7.7 · EPSS 0.00244
Exploits: 0 · References: 2

RedhatCVE
added 2025/08/18 5:38 p.m. · 4 views

CVE-2025-41242

A path traversal flaw was found in the Spring Framework MVC, affecting applications built on this framework. This flaw only affects applications that are deployed as a WAR or with an embedded Servlet container, which do not reject suspicious sequences and serve static resources with Spring resour...

CVSS 5.9 · AI score 5.8 · EPSS 0.01916
Exploits: 1 · References: 6

Snyk
added 2025/08/18 4:47 p.m. · 4 views

Arbitrary File Read/Write

Overview: copier is a library for rendering project templates. Affected versions of this package are vulnerable to Arbitrary File Read/Write via the exposure of pathlib.Path objects in the Jinja context, which have unconstrained I/O methods. An attacker can access or modify arbitrary files on t...

CVSS 8.5 · AI score 7.8 · EPSS 0.0024
Exploits: 0 · References: 2

SUSE Linux
added 2025/08/18 4:1 p.m. · 5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed:
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

CVSS 8.7 · AI score 8.3 · EPSS 0.03133
Exploits: 11 · References: 1136

OSV
added 2025/08/18 4:1 p.m. · 5 views

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed:
- CVE-2024-36028: mm/hugetlb: fix DEBUG_LOCKS_WARN_ON(1) when dissolve_free_hugetlb_folio() (bsc#1225707).
- CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

CVSS 7.8 · AI score 8.7 · EPSS 0.03133
Exploits: 11 · References: 567

OSV
added 2025/08/18 9:31 a.m. · 5 views

GHSA-R936-GWX5-V52F Spring Framework MVC Applications Path Traversal Vulnerability

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 6 · EPSS 0.01916
Exploits: 1 · References: 3

GitHub Security Blog
added 2025/08/18 9:31 a.m. · 14 views

Spring Framework MVC Applications Path Traversal Vulnerability

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 7.1 · EPSS 0.01916
Exploits: 1 · References: 3 · Affected Software: 1

NVD
added 2025/08/18 9:15 a.m. · 8 views

CVE-2025-41242

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · EPSS 0.01916
Exploits: 1 · References: 1

OSV
added 2025/08/18 9:15 a.m. · 4 views

DEBIAN-CVE-2025-41242

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 6.5 · EPSS 0.01916
Exploits: 1 · References: 1

OSV
added 2025/08/18 9:15 a.m. · 6 views

CVE-2025-41242

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 7.1 · EPSS 0.01916
Exploits: 1 · References: 1

OSV
added 2025/08/18 9:15 a.m. · 3 views

UBUNTU-CVE-2025-41242

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 6.3 · EPSS 0.01916
Exploits: 1 · References: 4

UbuntuCve
added 2025/08/18 9:15 a.m. · 3 views

CVE-2025-41242

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 6.8 · EPSS 0.01916
Exploits: 1 · References: 3

Cvelist
added 2025/08/18 8:47 a.m. · 10 views

CVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containers

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · EPSS 0.01916
Exploits: 1 · References: 1

Vulnrichment
added 2025/08/18 8:47 a.m. · 7 views

CVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containers

Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container; the Servlet...

CVSS 5.9 · AI score 7.2 · EPSS 0.01916
Exploits: 1 · References: 1