14 matches found

RedhatCVE
added 2026/06/05 7:18 p.m., 9 views

CVE-2026-9558

A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...

CVSS 9.9, AI score 6.1, EPSS 0.00439
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-41580

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.6, EPSS 0.01174
Exploits: 0, References: 1
OSV
added 2024/10/10 10:15 p.m., 13 views

PYSEC-2024-213

Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the bypass of directory traversal checks within the is_in_or_equal function. This function, intended to check if a file resides within a given directory, can be bypassed with certain payloads that...

CVSS 6.5, AI score 6.7, EPSS 0.00687
Exploits: 0, References: 1
OSV
added 2024/04/06 5:15 p.m., 7 views

CVE-2024-0406

A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privilege...

CVSS 7.8, AI score 7.4, EPSS 0.00928
Exploits: 1, References: 3
OSV
added 2022/11/04 6:15 p.m., 4 views

CVE-2022-20956

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected...

CVSS 8.8, AI score 5.8, EPSS 0.01322
Exploits: 0, References: 1
OpenVAS
added 2022/01/31 12:0 a.m., 31 views

Apple Mac OS X Security Update (HT213056)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 9.3, AI score 6.6, EPSS 0.01688
Exploits: 0, References: 1
NVD
added 2021/11/19 7:15 p.m., 13 views

CVE-2021-22967

In Concrete CMS (formerly concrete 5) below 8.5.7, IDOR Allows Unauthenticated User to Access Restricted Files If Allowed to Add Message to a Conversation. To remediate this, a check was added to verify a user has permissions to view files before attaching the files to a message in "add / edit...

CVSS 7.5, EPSS 0.01109
Exploits: 0, References: 2
Prion
added 2021/08/24 7:15 p.m., 18 views

Input validation

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. An application may be able to access...

CVSS 4.3, AI score 5.4, EPSS 0.02405
Exploits: 0, References: 6, Affected Software: 6
Cvelist
added 2020/10/16 4:55 p.m., 24 views

CVE-2020-9968

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Catalina 10.15.7, tvOS 14.0, watchOS 7.0. A malicious application may be able to access restricted files...

AI score 5.2, EPSS 0.01147
Exploits: 0, References: 8
Cvelist
added 2020/02/27 8:45 p.m., 26 views

CVE-2020-3835

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to access restricted files...

AI score 5.5, EPSS 0.00334
Exploits: 0, References: 1
seebug.org
added 2014/07/01 12:0 a.m., 17 views

PHP <= 5.2.5 cURL 'safe mode' Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27413/info PHP cURL is prone to a 'safe mode' security-bypass vulnerability. Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks. Th...

AI score 7.1
Exploits: 0
Prion
added 2009/10/06 5:30 p.m., 15 views

Design/Logic Flaw

puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files...

CVSS 4.7, AI score 6.3, EPSS 0.00377
Exploits: 1, References: 3, Affected Software: 1
Exploit DB
added 2002/08/13 12:0 a.m., 17 views

RedHat Interchange 4.8.x - Arbitrary File Read

source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc' folder. Reportedly, the folder will be installed...

AI score 7.4
Exploits: 0
NVD
added 2002/03/15 5:0 a.m., 22 views

CVE-2002-0080

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed...

CVSS 2.1, AI score 8.3, EPSS 0.00521
Exploits: 0, References: 5