14 matches found

RedhatCVE
added 2026/04/10 10:28 a.m. | 9 views

CVE-2021-47960

A flaw was found in Synology SSL VPN Client. This vulnerability allows remote attackers to access sensitive files within the installation directory. By leveraging user interaction with a specially crafted web page, attackers can exploit a local HTTP server bound to the loopback interface to...

CVSS 6.5 | AI score 5.8 | EPSS 0.00188
Exploits: 0 | References: 2

ATTACKERKB
added 2026/03/21 3:30 p.m. | 6 views

CVE-2019-25582

i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with filemanager=image and supply arbitrary file paths like...

CVSS 7.1 | AI score 5.9 | EPSS 0.00368
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2026/03/06 3:4 p.m. | 28 views

CVE-2026-2753

An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP service that fails to properly sanitize user-supplied path input. Unauthenticated remote attackers can exploit this issue by submitting requests containing absolute filesystem paths. Successful...

CVSS 7.5 | EPSS 0.00451
Exploits: 0 | References: 2

NVD
added 2025/12/10 9:16 p.m. | 6 views

CVE-2020-36895

EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure vulnerability that allows remote attackers to access sensitive configuration files via direct object reference. Attackers can retrieve the SiteConfig.properties file through an HTTP GET request, exposi...

CVSS 8.7 | EPSS 0.00618
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2017-14636

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.01983
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2023-12384

Malicious code in bioql PyPI...

CVSS 9.1 | AI score 9.1 | EPSS 0.00864
Exploits: 1 | References: 2

GithubExploit
added 2025/09/28 1:11 a.m. | 264 views

Exploit for CVE-2022-36537

CVE-2022-36537 Summary R1Soft Server Backup Manager uses t...

CVSS 7.5 | AI score 7.1 | EPSS 0.95335
Exploits: 5

Cvelist
added 2025/08/19 12:0 a.m. | 7 views

CVE-2025-51539

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem...

EPSS 0.00667
Exploits: 1 | References: 1

CNNVD
added 2024/09/30 12:0 a.m. | 4 views

LoLLMs security vulnerability

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMs versions prior to v9.8, which stems from an unverified path connection in the servejs function in app.py. An attacker exploiting this vulnerability can...

CVSS 7.5 | AI score 7.6 | EPSS 0.00595
Exploits: 1 | References: 2

CNNVD
added 2024/04/08 12:0 a.m. | 2 views

TOTOLINK EX200 security vulnerability

TOTOLINK EX200 is a wireless N range extender from China Gion Electronics TOTOLINK, which is mainly used to extend the coverage of the existing Wi-Fi network and solve the problem of signal blind zones. A security vulnerability exists in the TOTOLINK EX200, which stems from improper privilege...

CVSS 9.1 | AI score 6.8 | EPSS 0.00584
Exploits: 1 | References: 2

CNNVD
added 2022/09/08 12:0 a.m. | 5 views

Web Port authorization issue vulnerability

Web Port is a web-based SCADA data acquisition and monitoring system and HMI human machine interface system. A security vulnerability exists in Cynet 360 Web Portal versions prior to v4.5, which stems from a vulnerability that allows an attacker to access a list of excluded files and configuratio...

CVSS 5.3 | AI score 5.8 | EPSS 0.00581
Exploits: 1 | References: 3

OSV
added 2021/10/25 2:15 p.m. | 4 views

CVE-2017-20007

Ingeteam INGEPAC DA AU AUC1.13.0.28 and before web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the device's web service could exploit this...

CVSS 5.3 | AI score 5.9 | EPSS 0.01084
Exploits: 0 | References: 1

VulnCheck KEV
added 2020/03/20 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2025-34130

An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 via the /z/zbin/nethtml.cgi endpoint. This vulnerability allows attackers to read sensitive configuration files, such as /zconf/service.xml, which can then be...

CVSS 8.7 | AI score 5.9 | EPSS 0.01149
Exploits: 0 | References: 1

CNVD
added 2019/03/01 12:0 a.m. | 1 view

Arbitrary File Read Vulnerability in Isthmus Electronic Document Security Management System

Electronic Document Security Management System (abbreviated CDG) is electronic document security protection software. An arbitrary file read vulnerability exists in the IZP Electronic Document Security Management System. The download function somewhere in Yisetong Electronic Document Security...

AI score 7
Exploits: 0