Lucene search
K

161 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:38 a.m.6 views

CVE-2024-23317

External Control of File Name or Path CWE-73 in the Controller 6000 and Controller 7000 allows an attacker with local access to the Controller to perform arbitrary code execution. This issue affects: 9.10 prior to vCR9.10.240520a distributed in 9.10.1268MR1, 9.00 prior to vCR9.00.240521a...

6.3CVSS7.5AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:57 a.m.6 views

CVE-2023-1070

External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22...

7.1CVSS6.7AI score0.00823EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.5 views

WordPress plugin Tourmaster 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.1CVSS7.6AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:42 p.m.6 views

CVE-2021-3845

ws-scrcpy is vulnerable to External Control of File Name or Path...

7.5CVSS6.8AI score0.01227EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:52 a.m.21 views

CVE-2018-1000177

A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in...

5.4CVSS5.9AI score0.00673EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.2 views

WordPress plugin Mortgage Calculator Estatik 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

8.8CVSS7.9AI score0.00446EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/05/13 9:39 p.m.13 views

CVE-2025-26646

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network...

8CVSS7.3AI score0.011EPSS
Exploits0
OSV
OSV
added 2025/05/13 12:0 a.m.7 views

UBUNTU-CVE-2025-26646

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network...

8CVSS7.2AI score0.011EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

WordPress plugin WP-Recall 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS7.8AI score0.00495EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/04/16 12:0 a.m.2 views

VulnCheck KEV: CVE-2025-24054

Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS7.2AI score0.58974EPSS
Exploits20References1
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.4 views

WordPress plugin Build App Online 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS8.6AI score0.00669EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/11 12:0 a.m.3 views

WordPress plugin FAT Cooming Soon 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exis...

8.1CVSS8.3AI score0.00758EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/04/08 6:16 p.m.3 views

CVE-2025-29819

External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally...

6.2CVSS5.4AI score0.00838EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2025/04/08 6:16 p.m.2 views

CVE-2025-29819

External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally...

6.2CVSS7.2AI score0.00838EPSS
Exploits0References1
OSV
OSV
added 2025/03/11 5:16 p.m.7 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS5.8AI score0.58974EPSS
Exploits20References7
Positive Technologies
Positive Technologies
added 2025/03/11 12:0 a.m.3 views

PT-2025-10839 · Microsoft · Windows Ntlm +1

Name of the Vulnerable Software and Affected Versions: Windows NTLM affected versions not specified Description: The issue allows an unauthorized attacker to perform spoofing over a network due to external control of file name or path in Windows NTLM. Recommendations: At the moment, there is no...

7.8CVSS8.4AI score0.0119EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/03/10 12:0 a.m.4 views

WordPress plugin WC Place Order Without Payment 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS8.8AI score0.00517EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/10 12:0 a.m.3 views

WordPress plugin Massive Dynamic 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

9CVSS8.8AI score0.00594EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/11 3:21 p.m.12 views

CVE-2024-12058

External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to read arbitrary files...

6.8CVSS0.00902EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/06 12:0 a.m.5 views

WordPress plugin All Bootstrap Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS8.4AI score0.00578EPSS
Exploits0References1
Rows per page
Query Builder