21077 matches found

Cvelist
added 2025/05/28 3:22 p.m. · 21 views

CVE-2024-51453 IBM Sterling Secure Proxy directory traversal

IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system...

4.3 CVSS · 0.0043 EPSS
Exploits: 0 · References: 1

Vulnrichment
added 2025/05/28 3:22 p.m. · 13 views

CVE-2024-51453 IBM Sterling Secure Proxy directory traversal

IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system...

4.3 CVSS · 6.8 AI score · 0.0043 EPSS
Exploits: 0 · References: 1

CVE
added 2025/05/28 3:22 p.m. · 62 views

CVE-2024-51453

IBM Sterling Secure Proxy versions 6.2.0.0–6.2.0.1 are affected by a path traversal vulnerability that allows a remote attacker to view arbitrary files by sending URL requests containing dot-dot (../) sequences. Root cause: directory traversal in the web interface/file handling. Impact per IBM bu...

7.5 CVSS · 4.6 AI score · 0.0043 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

IBM Security Bulletins
added 2025/05/28 2:39 p.m. · 42 views

Security Bulletin: Multiple vulnerabilities in IBM Rapid Infrastructure Automation

Summary: Multiple vulnerabilities were addressed in IBM Rapid Infrastructure Automation v1.1.5.3. Vulnerability Details: CVEID: CVE-2024-12254. DESCRIPTION: Starting in Python 3.12.0, the asyncio.SelectorSocketTransport.writelines method would not "pause" writing and signal to the Protocol to drain th...

8.7 CVSS · 10 AI score · 0.23357 EPSS
Exploits: 3 · Affected Software: 1

Snyk
added 2025/05/28 2:25 p.m. · 1 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using another router, by-passing the middleware chain by crafting a request with a manipulated path using...

6.3 CVSS · 7.6 AI score · 0.00784 EPSS
Exploits: 0 · References: 2

Snyk
added 2025/05/28 2:25 p.m. · 1 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using another router, by-passing the middleware chain by crafting a request with a manipulated path using...

6.3 CVSS · 7.6 AI score · 0.00784 EPSS
Exploits: 0 · References: 2

Snyk
added 2025/05/28 2:25 p.m. · 1 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using another router, by-passing the middleware chain by crafting a request with a manipulated path using...

6.3 CVSS · 7.6 AI score · 0.00784 EPSS
Exploits: 0 · References: 2

Snyk
added 2025/05/28 2:25 p.m. · 2 views

Directory Traversal

Overview: github.com/traefik/traefik/v2/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using anoth...

6.3 CVSS · 7.7 AI score · 0.00784 EPSS
Exploits: 0 · References: 2

Snyk
added 2025/05/28 2:25 p.m. · 1 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using another router, by-passing the middleware chain by crafting a request with a manipulated path using...

6.3 CVSS · 7.6 AI score · 0.00784 EPSS
Exploits: 0 · References: 2

Snyk
added 2025/05/28 2:25 p.m. · 1 views

Directory Traversal

Overview: github.com/containous/traefik/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Directory Traversal when using the PathPrefix, Path, or PathRegex route matchers. An attacker can target a backend exposed using anoth...

6.3 CVSS · 7.7 AI score · 0.00784 EPSS
Exploits: 0 · References: 2

IBM Security Bulletins
added 2025/05/28 2:21 p.m. · 16 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for May 2025

Summary: In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.1 IF001. Vulnerability Details: CVEID: CVE-2025-31651. DESCRIPTION: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in...

9.8 CVSS · 10 AI score · 0.04505 EPSS
Exploits: 3 · Affected Software: 1

IBM Security Bulletins
added 2025/05/28 6:36 a.m. · 11 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to CVE-2024-51453.

Summary: IBM Sterling Secure Proxy is vulnerable to Path Traversal. Vulnerability Details: CVEID: CVE-2024-51453. DESCRIPTION: IBM Sterling Secure Proxy could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot"...

7.5 CVSS · 6.8 AI score · 0.0043 EPSS
Exploits: 0 · Affected Software: 1

Packet Storm News
added 2025/05/28 12:00 a.m. · 5 views

On the Intractability of Chaotic Symbolic Walks: toward a Non-Algebraic Post-Quantum Hardness Assumption

Most classical and post-quantum cryptographic assumptions, including integer factorization, discrete logarithms, and Learning with Errors (LWE), rely on algebraic structures such as rings or vector spaces. While mathematically powerful, these structures can be exploited by quantum algorithms or...

7.1 AI score
Exploits: 0

Packet Storm News
added 2025/05/28 12:00 a.m. · 3 views

GeneBreaker: Jailbreak Attacks against DNA Language Models with Pathogenicity Guidance

DNA, encoding genetic instructions for almost all living organisms, fuels groundbreaking advances in genomics and synthetic biology. Recently, DNA Foundation Models have achieved success in designing synthetic functional DNA sequences, even whole genomes, but their susceptibility to jailbreaking...

7.5 AI score
Exploits: 0

Packet Storm News
added 2025/05/28 12:00 a.m. · 2 views

Domainator: Detecting and Identifying DNS-Tunneling Malware Using Metadata Sequences

In recent years, malware with tunneling or covert channel capabilities is on the rise. While malware research led to several methods and innovations, the detection and differentiation of malware solely based on its DNS tunneling features is still in its infancy. Moreover, no work so far has used...

7.1 AI score
Exploits: 0

Positive Technologies
added 2025/05/28 12:00 a.m. · 6 views

PT-2025-23090 · Ibm · Ibm Sterling Secure Proxy

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.2.0.0 through 6.2.0.1. Description: The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing dot dot sequences (../) to view...

7.5 CVSS · 6.3 AI score · 0.0043 EPSS
Exploits: 0 · References: 5

Packet Storm News
added 2025/05/27 12:00 a.m. · 2 views

Enhancing JavaScript Malware Detection through Weighted Behavioral DFAs

This work addresses JavaScript malware detection to enhance client-side web application security with a behavior-based system. The ability to detect malicious JavaScript execution sequences is a critical problem in modern web security as attack techniques become more sophisticated. This study...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2025/05/27 12:00 a.m. · 16 views

RHEL 9 : xterm (RHSA-2025:7427)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7427 advisory. The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can...

9.8 CVSS · 8.6 AI score · 0.04949 EPSS
Exploits: 1 · References: 5

RedhatCVE
added 2025/05/23 10:42 a.m. · 6 views

CVE-2024-47164

Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the bypass of directory traversal checks within the `is_in_or_equal` function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that...

6.5 CVSS · 7 AI score · 0.00687 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 10:31 a.m. · 4 views

CVE-2024-43785

gitoxide: An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape sequences—that appear in a...

2.5 CVSS · 6.7 AI score · 0.00198 EPSS
Exploits: 0