Lucene search
K

694 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:10 a.m.11 views

CVE-2017-18847

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400v2 before 1.0.2.32, R7000P/R6900P before 1.0.0.56, R7900 before 1.0.1.18, R8300 before 1.0.2.1001.0.82, R8500 before 1.0.2.1001.0.82, and D8500 before 1.0.3.29...

6.2CVSS6.9AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:10 a.m.8 views

CVE-2017-18797

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400 before 1.0.1.24, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100...

6.2CVSS6.9AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:39 a.m.11 views

CVE-2017-18752

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects EX3700 before 1.0.0.64, EX3800 before 1.0.0.64, EX6120 before 1.0.0.32, EX6130 before 1.0.0.16, R6300v2 before 1.0.4.12, R6700 before 1.0.1.26, R6900 before 1.0.1.22, R7000 before 1.0.9.6, R7300DST...

8.8CVSS6.8AI score0.00609EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:40 a.m.11 views

CVE-1999-0738

The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files...

5CVSS7.1AI score0.28953EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:38 a.m.16 views

CVE-1999-0736

The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files...

5CVSS7.1AI score0.44845EPSS
Exploits0References1
NVD
NVD
added 2025/12/29 8:15 p.m.3 views

CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...

9.1CVSS0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/29 12:0 a.m.2 views

CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...

6.8AI score0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.5 views

VvvebJs 安全漏洞

VvvebJs is a drag-and-drop website generator from Givan Personal Developers. A security vulnerability exists in VvvebJs version 1.7.2, which stems from the filegetcontents function in the save.php file mishandling user-supplied URLs, which could lead to server-side request forgery and arbitrary...

9.1CVSS5.9AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/29 12:0 a.m.22 views

CVE-2024-25181

A critical vulnerability has been identified in givanz VvvebJs 1.7.2, which allows both Server-Side Request Forgery SSRF and arbitrary file reading. The vulnerability stems from improper handling of user-supplied URLs in the "filegetcontents" function within the "save.php" file...

0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.5 views

Takes 安全漏洞

Takes is an object-oriented Java web development framework by the individual developer Yegor Bugayenko. A security vulnerability exists in Takes 2.0-SNAPSHOT and earlier versions, which stems from an un-normalized HTTP request path that could lead to arbitrary file reading...

7.5CVSS6.8AI score0.0051EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/09 9:41 p.m.3 views

CVE-2025-66645 NiceGUI Path Traversal Vulnerability in app.add_media_files() Allows Arbitrary File Reading

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.addmediafiles function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0...

7.5CVSS6.5AI score0.00963EPSS
Exploits1References2
OSV
OSV
added 2025/12/09 9:41 p.m.4 views

CVE-2025-66645 NiceGUI Path Traversal Vulnerability in app.add_media_files() Allows Arbitrary File Reading

NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.addmediafiles function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0...

7.5CVSS6.8AI score0.00963EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.4 views

Galaxy Software Services Vitals ESP 安全漏洞

Galaxy Software Services Vitals ESP is a knowledge management system for office use by Galaxy Software Services China. A security vulnerability exists in Galaxy Software Services Vitals ESP that originates from absolute path traversal and could lead to arbitrary file reading...

6.9CVSS6.8AI score0.00423EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/18 4:45 a.m.5 views

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS7.2AI score0.00752EPSS
Exploits0References1
NVD
NVD
added 2025/10/17 4:16 a.m.4 views

CVE-2025-11898

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00752EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/17 3:41 a.m.3 views

EUVD-2025-34860

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS6.8AI score0.00752EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/17 3:41 a.m.2 views

CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS6.9AI score0.00752EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/17 3:41 a.m.8 views

CVE-2025-11898 Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal

Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

8.7CVSS0.00752EPSS
Exploits0References2
CVE
CVE
added 2025/10/17 3:41 a.m.10 views

CVE-2025-11898

Flowring’s Agentflow is affected by CVE-2025-11898, an Arbitrary File Reading vulnerability exposed via Relative Path Traversal. Unauthenticated remote attackers can download arbitrary system files, highlighting a high confidentiality impact and network-based, low-complexity exploitation (no user...

8.7CVSS6.9AI score0.00752EPSS
Exploits0References2
CVE
CVE
added 2025/10/16 5:56 p.m.16 views

CVE-2025-34517

Ilevia EVE X1 Server firmware

8.7CVSS6.5AI score0.00599EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder