Lucene search
K

2060 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Ansible

There exists an absolute path traversal attack within the Ansible automation platform. This flaw allows an attacker to create a malicious Ansible role and have the victim execute that role. A symbolic link can be used to overwrite a file that is outside of the extraction path...

6.3CVSS6.8AI score0.00859EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 7:54 p.m.19 views

CVE-2026-49248

OneDev CVE-2026-49248 affects versions 15.0.6 and earlier. TarUtils.untar() creates symbolic links using entry getLinkName() without validating absolute path targets; a following file entry can traverse the symlink and write to arbitrary server-side locations. This enables RCE-like behavior for a...

8.3CVSS5.4AI score0.00382EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 7:54 p.m.16 views

CVE-2026-49248 OneDev: RCE through absolute-path symlink following allows low-privileged users to overwrite arbitrary server via TarUtils.untar

OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar creates symbolic links verbatim from TAR entry getLinkName without validating whether the target is an absolute path. A subsequent file entry in the same archive traverses the symlink, writing to...

8.3CVSS0.00382EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 6:43 p.m.5 views

GHSA-X223-P2GF-V735 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak

Summary Unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the server. In adition, in the response, the absolute path of the uploaded file is reported to...

9.3CVSS5.4AI score0.0031EPSS
Exploits1References3
NVD
NVD
added 2026/06/15 2:16 p.m.9 views

CVE-2016-20080

WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wpabspath parameter. Attackers can supply path traversal sequences or remote URLs through the...

6.9CVSS0.0039EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 12:0 p.m.6 views

EUVD-2016-10892

WordPress Brandfolder plugin version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wpabspath parameter. Attackers can supply path traversal sequences or remote URLs through the...

6.9CVSS5.6AI score0.0039EPSS
Exploits0References4
CVE
CVE
added 2026/06/15 12:0 p.m.10 views

CVE-2016-20080

CVE-2016-20080 – WordPress Brandfolder Plugin (v3.0 and earlier) suffers a local file inclusion flaw in callback.php. An unauthenticated attacker can influence the wp_abspath parameter to read arbitrary local files (e.g., wp-config.php) via path traversal or remote URLs, potentially enabling remo...

6.9CVSS5.7AI score0.0039EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/12 7:9 p.m.11 views

EUVD-2026-35400

TYPO3 CMS has Broken Access Control in its File Abstraction Layer...

2.1CVSS5.2AI score0.00356EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/12 6:23 p.m.14 views

GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

Summary A vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web page and create files containing the master password in plaintext. The provided file name must be an absolute path to t...

7.2CVSS6.2AI score0.00353EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/06/12 6:23 p.m.9 views

GHSA-7QMG-GRCP-QF25 GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

Summary A vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web page and create files containing the master password in plaintext. The provided file name must be an absolute path to t...

7.2CVSS6.2AI score0.00353EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/12 2:35 p.m.12 views

CVE-2026-48855

A flaw was found in Erlang OTP ssh, specifically within the sshsftpd module. An authenticated SFTP client can exploit this vulnerability by creating a symbolic link symlink inside a restricted directory chroot that points to the root directory. When the client reads this symlink, the sshsftpd...

6.5CVSS5.2AI score0.00277EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.15 views

PT-2026-49053

Name of the Vulnerable Software and Affected Versions GeoServer versions prior to 2.26.4 GeoServer versions prior to 2.27.3 Description An authenticated administrator with access to the security system can provide arbitrary absolute file paths to the Master Password Dump web page to create files...

7.2CVSS8.2AI score0.00353EPSS
Exploits0References9
CVE
CVE
added 2026/06/10 2:35 p.m.26 views

CVE-2026-48855

Summary: CVE-2026-48855 affects Erlang OTP ssh_sftpd. An authenticated SFTP client can create a symlink inside a chroot that points to the filesystem root; when reading the link via SSH_FXP_READLINK, ssh_sftpd exposes the absolute backend root path (and any symlink targets) instead of the chroote...

6.5CVSS5.5AI score0.00277EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/06/10 2:35 p.m.13 views

EEF-CVE-2026-48855 SFTP READLINK Leaks Absolute Backend Filesystem Path When Root Is Configured

Summary Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh ssh\sftpd module allows File Discovery. The SSH\FXP\READLINK handler in ssh\sftpd sends the raw result of file:read\link/2 to the client without calling chroot\filename/2 to strip the backend root...

2.3CVSS5.5AI score0.00277EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7217

A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function readdocx/readxlsx/readpptx/listxlsxsheets/readpdf of the file packages/mcp-office/src/index.ts of the component Document File Handler. Such manipulation of the argument path leads t...

6.9CVSS5.5AI score0.0044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.6 views

CVE-2026-10075

DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulnerability...

6.9CVSS5.6AI score0.00387EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 6:16 p.m.11 views

CVE-2026-43624

F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-supplied project names directly to os.path.join without validating the resulting path stays within the...

8.8CVSS5.9AI score0.00393EPSS
Exploits0References5
NVD
NVD
added 2026/05/29 2:16 p.m.14 views

CVE-2026-10075

DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulnerability...

6.9CVSS0.00387EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 12:53 p.m.11 views

EUVD-2026-33301

DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulnerability...

6.9CVSS5.9AI score0.00387EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/29 12:53 p.m.11 views

CVE-2026-10075 Interinfo|DreamMaker - Path Traversal

DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulnerability...

6.9CVSS5.9AI score0.00387EPSS
Exploits0References2
Rows per page
Query Builder