
21212 matches found

Vulnrichment
added 2025/04/23 12:0 a.m. | 7 views

CVE-2025-46394

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences...

3.2 CVSS | 7.1 AI score | 0.00149 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2025/04/23 12:0 a.m. | 4 views

PT-2025-17645

Name of the Vulnerable Software and Affected Versions: BusyBox versions through 1.37.0. Description: A TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. Recommendations: For versions through 1.37.0, consider updating to a version that fixes this issue ...

7.8 CVSS | 6.6 AI score | 0.02793 EPSS
Exploits: 8 | References: 87

Snyk
added 2025/04/21 3:40 p.m. | 2 views

Directory Traversal

Overview: github.com/traefik/traefik/v2/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the...

9.3 CVSS | 5.1 AI score | 0.00768 EPSS
Exploits: 0 | References: 2

Snyk
added 2025/04/21 3:40 p.m. | 1 view

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...

9.3 CVSS | 7.7 AI score | 0.00768 EPSS
Exploits: 0 | References: 2

Snyk
added 2025/04/21 3:40 p.m. | 1 view

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...

9.3 CVSS | 7.7 AI score | 0.00768 EPSS
Exploits: 0 | References: 2

Snyk
added 2025/04/21 3:40 p.m. | 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...

9.3 CVSS | 7.7 AI score | 0.00768 EPSS
Exploits: 0 | References: 2

Snyk
added 2025/04/21 3:40 p.m. | 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...

9.3 CVSS | 7.7 AI score | 0.00768 EPSS
Exploits: 0 | References: 2

Snyk
added 2025/04/21 3:40 p.m. | 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal when routing requests to a backend using a PathPrefix, Path, or PathRegex matcher. An attacker can bypass the middleware chain to access backend services by including traversal sequences like /../ in a request. Detai...

9.3 CVSS | 7.7 AI score | 0.00768 EPSS
Exploits: 0 | References: 2

Packet Storm News
added 2025/04/21 12:0 a.m. | 4 views

Scalable APT Malware Classification Via Parallel Feature Extraction and GPU-Accelerated Learning

This paper presents an underlying framework for both automating and accelerating malware classification, more specifically, mapping malicious executables to known Advanced Persistent Threat (APT) groups. The main feature of this analysis is the assembly-level instructions present in executables whi...

6.9 AI score
Exploits: 0

Packet Storm
added 2025/04/21 12:0 a.m. | 254 views

WordPress 123pan Cloud Storage 1.0 File Deletion / Shell Upload / Injection

WordPress 123pan Cloud Storage plugin version 1.0 suffers from token handling, remote shell upload, file deletion, and HTTP header injection vulnerabilities. Exploit Title WordPress 123pan Cloud Storage Plugin - Multiple...

7.7 AI score
Exploits: 0

OpenVAS
added 2025/04/21 12:0 a.m. | 10 views

Slackware: Security Advisory (SSA:2025-109-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS | 7.8 AI score | 0.0198 EPSS
Exploits: 0 | References: 3

GithubExploit
added 2025/04/20 3:33 p.m. | 173 views

Exploit for Path Traversal in Gnu Mailman

CVE-2025-43919: Directory Traversal in GNU Mailman 2.1.39 cPa...

7.5 CVSS | 7.3 AI score | 0.01403 EPSS
Exploits: 3

Slackware Linux
added 2025/04/19 7:32 p.m. | 27 views

[slackware-security] zsh

New zsh packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/zsh-5.9-i586-1slack15.0.txz: Upgraded. This release fixes a security issue in zsh-5.8: Some prompt expansion sequences, such as %F, support 'argument...

7.8 CVSS | 7.3 AI score | 0.0198 EPSS
Exploits: 0

Hacker One
added 2025/04/18 5:41 p.m. | 8 views

curl: Path Traversal Vulnerability in curl via Unsanitized IPFS_PATH Environment Variable

A path traversal vulnerability exists in curl versions with IPFS support 7.81.0+. The IPFS_PATH environment variable is not properly sanitized, allowing attackers to read arbitrary files by manipulating directory traversal sequences e.g., ../../../../etc. This flaw enables leakage of sensitive dat...

6.7 AI score
Exploits: 0

Packet Storm News
added 2025/04/18 12:0 a.m. | 13 views

Detecting Zero-Day Web Attacks with an Ensemble of LSTM, GRU, and Stacked Autoencoders

The rapid growth in web-based services has significantly increased security risks related to user information, as web-based attacks become increasingly sophisticated and prevalent. Traditional security methods frequently struggle to detect previously unknown zero-day web attacks, putting sensitiv...

6.7 AI score
Exploits: 0

GithubExploit
added 2025/04/17 5:46 p.m. | 311 views

Exploit for Path Traversal in Ollama

Ollama CVE-2024-45436 Exploit A clean and efficient exploit i...

9.1 CVSS | 9.6 AI score | 0.02581 EPSS
Exploits: 2

IBM Security Bulletins
added 2025/04/17 1:32 p.m. | 18 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary: QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details: CVEID: CVE-2023-51775 DESCRIPTION: jose4j is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted p2c value...

7.5 CVSS | 9.7 AI score | 0.01433 EPSS
Exploits: 2 | Affected Software: 1

Packet Storm News
added 2025/04/17 12:0 a.m. | 2 views

OpCode-Based Malware Classification Using Machine Learning and Deep Learning Techniques

This technical report presents a comprehensive analysis of malware classification using OpCode sequences. Two distinct approaches are evaluated: traditional machine learning using n-gram analysis with Support Vector Machine (SVM), K-Nearest Neighbors (KNN), and Decision Tree classifiers; and a deep...

6.9 AI score
Exploits: 0

Tenable Nessus
added 2025/04/17 12:0 a.m. | 12 views

Amazon Linux 2 : pcs (ALAS-2025-2822)

The version of pcs installed on the remote host is prior to 0.9.169-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2822 advisory. Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type...

7.5 CVSS | 6.9 AI score | 0.00699 EPSS
Exploits: 0 | References: 4

NVD
added 2025/04/16 11:15 p.m. | 16 views

CVE-2025-24908

Overview: The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. CWE-35 Description: Hitachi...

6.8 CVSS | 0.00403 EPSS
Exploits: 0 | References: 1