350 matches found
Palo Alto Networks Expedition 安全漏洞
Palo Alto Networks Expedition is a tool from Palo Alto Networks, Inc. that helps with configuration migration, tuning, and enrichment. A security vulnerability exists in Palo Alto Networks Expedition. An attacker exploiting the vulnerability could enumerate files on the host's file system...
PT-2025-1075
Name of the Vulnerable Software and Affected Versions Palo Alto Networks Expedition affected versions not specified Description The issue is related to a wildcard expansion vulnerability in Palo Alto Networks Expedition. This vulnerability allows an unauthenticated attacker to enumerate files on...
CVE-2024-54004
Jenkins Filesystem List Parameter Plugin 0.0.14 and earlier does not restrict the path used for the File system objects list Parameter, allowing attackers with Item/Configure permission to enumerate file names on the Jenkins controller file system...
CVE-2024-40088
A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request...
Vilo Mesh WiFi System 安全漏洞
Vilo Mesh WiFi System is a wireless system from Vilo. A security vulnerability exists in Vilo Mesh WiFi System version 5.16.1.33 and earlier, which stems from the presence of a directory traversal vulnerability that could allow a remote, unauthenticated attacker to enumerate the existence and...
Information Disclosure
Open-webui is vulnerable to an Information Disclosure. The vulnerability is due to the embedding model update feature under admin settings, which allows an attacker to enumerate file names and traverse directories by observing error messages related to file existence and configuration...
CVE-2024-7038
An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...
CVE-2024-7038
An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...
CVE-2024-7038 Information Disclosure in open-webui/open-webui
An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...
HP LaserJet Printer SNMP Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP LaserJet Printer SNMP Enumeration', 'Description' = %q This module allows enumeration of files previously printed. It provides details as...
Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...
OpenGnsys 安全漏洞
OpenGnsys is an open source computing device management software from the Spanish OpenGnsys project. A security vulnerability exists in OpenGnsys version 1.1.1d Espeto, which stems from the presence of an information exposure vulnerability that allows an attacker to enumerate all files in the Web...
CVE-2023-46170
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily read files after enumerating file names...
Code injection
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily read files after enumerating file names. IBM X-Force ID: 269407...
CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
DEBIAN-CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
UBUNTU-CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...
CVE-2024-21501
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system including project dependencies. An attacker could exploit this vulnerability to gather details abou...