Lucene search
K

3902 matches found

Nuclei
Nuclei
added yesterday34 views

phpShowtime 2.0 - Directory Traversal

A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. dot dot in the r parameter to index.php. id: CVE-2012-0981 info: name: phpShowtime 2.0 - Directory Traversal author: daffainfo severity: medium description: A...

5CVSS6AI score0.11059EPSS
Exploits1References5
NVD
NVD
added 2 days ago5 views

CVE-2026-57346

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...

7.1CVSS0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-40060

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3...

7.1CVSS5.8AI score0.00265EPSS
Exploits0References1
Nuclei
Nuclei
added 2 days ago25 views

SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure

A vulnerability was identified in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, impacting the file handling functions. This flaw results in authenticated file disclosure, granting unauthorized access to sensitive files and directories. Although authentication is...

8.7CVSS5.8AI score0.03692EPSS
Exploits1References3
CVE
CVE
added 2 days ago8 views

CVE-2026-13533

CVE-2026-13533 affects agentejo Cockpit CMS up to v0.12.2 in the htaccess Handler’s /config/config.yaml, via Spyc::YAMLLoad. The vulnerability arises from YAMLLoad manipulation that can make files or directories accessible and can be exploited remotely. Exploit code has been publicly disclosed an...

6.9CVSS5.6AI score0.00286EPSS
Exploits0References5
Nuclei
Nuclei
added 3 days ago52 views

Camtron CMNC-200 IP Camera - Directory Traversal

The CMNC-200 IP Camera has a built-in web server that is vulnerable to directory transversal attacks, allowing access to any file on the camera file system. id: CVE-2010-4231 info: name: Camtron CMNC-200 IP Camera - Directory Traversal author: daffainfo severity: high description: The CMNC-200 IP...

7.8CVSS7.3AI score0.09542EPSS
Exploits5References5
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-39923

Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS6AI score0.00839EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago34 views

CVE-2025-11919 Unprotected temporary directories in Wolfram Cloud may result in privilege escalation

The default JVM can access files and directories under /tmp/ including the $TemporaryDirectory of other users on the same cloud instance /tmp/UserTemporaryFiles/. The -init file for the the JVM initialization exists in the vulnerable directory during the startup of the JVM. An attacker with acces...

0.004EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2025-11919

CVE-2025-11919 affects Wolfram Cloud (multi-tenant environment) where the default JVM can access temporary resources under /tmp, including other users’ TemporaryDirectory. A race during JVM startup allows an attacker with access to shared /tmp to create/replace .jar files via the -init file, caus...

9.6CVSS6.2AI score0.004EPSS
Exploits0References2
NVD
NVD
added 5 days ago8 views

CVE-2025-10268

The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...

5.3CVSS0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2025-10268

The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...

5.3CVSS5.9AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago12 views

PT-2026-52987

Name of the Vulnerable Software and Affected Versions Daktronics Controller Firmware affected versions not specified Description Remote authenticated and unauthenticated users can perform path traversal, which allows them to escape the intended directory and enumerate arbitrary file system paths...

9.8CVSS5.9AI score0.00839EPSS
Exploits0References8
OSV
OSV
added 6 days ago2 views

UBUNTU-CVE-2026-53168

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

6.9CVSS5.8AI score0.00176EPSS
Exploits0References11
EUVD
EUVD
added 6 days ago3 views

EUVD-2026-39259

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

5.8AI score0.00176EPSS
Exploits0References8
Debian CVE
Debian CVE
added 6 days ago3 views

CVE-2026-53168

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

5.7AI score0.00176EPSS
Exploits0
CVE
CVE
added 6 days ago12 views

CVE-2026-53168

In CVE-2026-53168, the Linux kernel vulnerability concerns FUSE pagecache operations. Specifically, the FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE handlers could allow a FUSE daemon to access pagecache contents for directories using FOPEN_CACHE_DIR. The issue is mitigated by rejecting these opera...

5.8AI score0.00176EPSS
Exploits0References8
NVD
NVD
added last week11 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS0.00345EPSS
Exploits0References3
CVE
CVE
added last week14 views

CVE-2026-35025

ProFTPD versions affected: 1.3.9b and 1.3.10rc2. Issue: an access control bypass in the RNFR path handling allows authenticated FTP users to bypass Directory ACL restrictions by prefixing paths with /proc/self/root. Root cause: unresolved symlink components in dir_canonical_path() cause dir_check...

8.6CVSS5.9AI score0.00345EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 12:16 a.m.8 views

CVE-2026-7574

Anthropic Claude Desktop Cowork VM image handling confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0 validates only file presence and a version marker string before booting rootfs.img, but does not verify image content integrity at time-of-use. A local...

8.7CVSS0.00103EPSS
Exploits1References2
CVE
CVE
added 2026/06/23 11:54 p.m.16 views

CVE-2026-7574

Anthropic Claude Desktop Cowork VM images (v1.1348.0–v1.2278.0) do not validate the contents of rootfs.img at time-of-use; only file presence and a version marker are checked. A local, unprivileged macOS user can modify the VM root filesystem image and have it trusted on subsequent Cowork VM boot...

8.7CVSS6.5AI score0.00103EPSS
Exploits1References2
Rows per page
Query Builder