13633 matches found

CVE
added 2026/03/12 4:48 p.m., 10 views

CVE-2026-28792

Technical details (affected components, root cause, exploit data, or remediation specifics) are not provided in the connected documents. Monitor for updates.

CVSS 9.6, AI score 5.9, EPSS 0.00535
Exploits: 1, References: 1, Affected Software: 1
CNVD
added 2026/03/12 12:00 a.m., 3 views

OpenClaw path traversal vulnerability (CNVD-2026-13551)

OpenClaw is an agent tool for managing session logs. OpenClaw suffers from a path traversal vulnerability. An attacker can exploit this vulnerability by... /... /etc/passwd, etc. to read and write arbitrary files outside of the agent's session directory...

CVSS 8.4, AI score 5.9, EPSS 0.00136
Exploits: 0, References: 1
CNNVD
added 2026/03/12 12:00 a.m., 4 views

TinaCMS security vulnerability

TinaCMS is an open-source headless CMS for Markdown, MDX, and JSON developed by Tina. Versions of TinaCMS prior to 2.1.8 contained security vulnerabilities. These vulnerabilities stemmed from the TinaCMS CLI development server having a lax CORS policy configured. Combined with path traversal...

CVSS 9.6, AI score 6, EPSS 0.00535
Exploits: 1, References: 1
Positive Technologies
added 2026/03/12 12:00 a.m., 4 views

PT-2026-25061

Malicious configuration can lead to unauthorized file access in Apache Livy. This issue affects Apache Livy 0.7.0 and 0.8.0 when connecting to Apache Spark 3.1 or later. A request that includes a Spark configuration value supported from Apache Spark version 3.1 can lead to users gaining access to...

CVSS 6.3, AI score 5.8, EPSS 0.00488
Exploits: 1, References: 7
Positive Technologies
added 2026/03/12 12:00 a.m., 5 views

PT-2026-25039

Name of the Vulnerable Software and Affected Versions: Asseco SEE Live 2.0. Description: A local file inclusion issue exists in the Contact Plan, E-Mail, SMS, and Fax components. Remote authenticated users can access files on the host system through the path parameter in the downloadAttachment and...

CVSS 6.5, AI score 5.8, EPSS 0.00308
Exploits: 0, References: 9
Positive Technologies
added 2026/03/12 12:00 a.m., 3 views

PT-2026-25012

Summary The TinaCMS CLI dev server combines a permissive CORS configuration Access-Control-Allow-Origin: with the path traversal vulnerability previously reported to enable a browser-based drive-by attack. A remote attacker can enumerate the filesystem, write arbitrary files, and delete arbitrary...

CVSS 9.6, AI score 5.9, EPSS 0.00535
Exploits: 1, References: 16
Positive Technologies
added 2026/03/12 12:00 a.m., 6 views

PT-2026-25062

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Livy. This issue affects Apache Livy: from 0.3.0 before 0.9.0. The vulnerability can only be exploited with non-default Apache Livy Server settings. If the configuration value...

CVSS 6.3, AI score 5.7, EPSS 0.00597
Exploits: 0, References: 7
Vulnrichment
added 2026/03/11 8:20 p.m., 4 views

CVE-2026-0520

A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log file...

CVSS 2.8, AI score 5.8, EPSS 0.00093
Exploits: 0, References: 1
OSV
added 2026/03/11 7:55 p.m., 5 views

CVE-2026-32097 PingPong has improper access control in thread file endpoints allows access outside intended scope

PingPong is a platform for using large language models (LLMs) for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...

CVSS 8.6, AI score 5.7, EPSS 0.00288
Exploits: 0, References: 3
OSV
added 2026/03/11 2:16 p.m., 6 views

CVE-2026-32061

OpenClaw versions prior to 2026.2.17 contain a path traversal vulnerability in the $include directive resolution that allows reading arbitrary local files outside the config directory boundary. Attackers with config modification capabilities can exploit this by specifying absolute paths, traversa...

CVSS 6.7, AI score 5.9
Exploits: 0, References: 3
EUVD
added 2026/03/11 1:32 p.m., 7 views

EUVD-2026-11150

OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in applypatch that allows attackers to write or delete files outside the configured workspace directory. When applypatch is enabled without filesystem sandbox containment, attackers can exploit crafted paths including...

CVSS 8.8, AI score 5.9, EPSS 0.00742
Exploits: 0, References: 3
Snyk
added 2026/03/11 4:39 a.m., 70 views

Directory Traversal

Overview: magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Directory Traversal. Adobe Vulnerability Report: This vulnerability could result in a security feature bypass. A high-privileged attacker could leverage this vulnerability ...

CVSS 6.8, AI score 6.3, EPSS 0.00636
Exploits: 0, References: 2
NVD
added 2026/03/11 4:17 a.m., 4 views

CVE-2026-29515

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally...

CVSS 9.8, EPSS 0.00481
Exploits: 0, References: 2
CVE
added 2026/03/11 3:23 a.m., 13 views

CVE-2026-29515

MiCode FileExplorer contains an authentication bypass vulnerability in its embedded SwiFTP FTP server. The PASS command handler unconditionally grants access, allowing network attackers to log in with any username/password and to list, read, write, and delete files exposed by the FTP server. Affe...

CVSS 9.8, AI score 5.9, EPSS 0.00481
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2026/03/11 3:23 a.m., 26 views

CVE-2026-29515 MiCode FileExplorer SwiFTP Server Authentication Bypass

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinations to the PASS command handler, which unconditionally...

CVSS 9.3, EPSS 0.00481
Exploits: 0, References: 2
OSV
added 2026/03/11 3:15 a.m., 2 views

CVE-2026-21360

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a security feature bypass. A high-privileged attacker could...

CVSS 6.8, AI score 5.8
Exploits: 0, References: 1
NVD
added 2026/03/11 3:15 a.m., 8 views

CVE-2026-21360

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a security feature bypass. A high-privileged attacker could...

CVSS 6.8, EPSS 0.00636
Exploits: 0, References: 1
Positive Technologies
added 2026/03/11 12:00 a.m., 5 views

PT-2026-24573

Name of the Vulnerable Software and Affected Versions: MiCode FileExplorer (affected versions not specified). Description: The software contains an authentication bypass in the embedded SwiFTP FTP server component. This allows network attackers to log in without valid credentials by sending arbitrary...

CVSS 9.8, AI score 5.9, EPSS 0.00481
Exploits: 0, References: 11
CNNVD
added 2026/03/11 12:00 a.m., 6 views

PingPong security vulnerability

PingPong is an open-source student assignment and course management assistant developed by the Computational Policy Lab. Versions of PingPong prior to 7.27.2 contained security vulnerabilities. These vulnerabilities were due to improper access control, which could allow authenticated users to...

CVSS 8.8, AI score 5.8, EPSS 0.00288
Exploits: 0, References: 1
CNNVD
added 2026/03/11 12:00 a.m., 7 views

Coppermine Photo Gallery (CPG) path traversal vulnerability

Coppermine Photo Gallery (CPG) is a web-based album management system developed by the Coppermine team using PHP. This system offers features such as user management, password-based access to albums, and automatic thumbnail generation. Versions of Coppermine Photo Gallery prior to 1.6.27 had a path...

CVSS 8.7, AI score 5.8, EPSS 0.00532
Exploits: 0, References: 2