Linux Distros Unpatched Vulnerability : CVE-2025-26525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live...
PT-2025-35641
Name of the Vulnerable Software and Affected Versions: Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress versions 5.1.16 through 6.1.1 Description: The plugin is susceptible to PHP Object Injection due to deserialization of untrusted input...
Linux Distros Unpatched Vulnerability : CVE-2019-19499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source...
Linux Distros Unpatched Vulnerability : CVE-2024-43426
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such ...
Linux Distros Unpatched Vulnerability : CVE-2023-28330
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and...
CVE-2025-9570
Summary of findings for CVE-2025-9570 (Sunnet eHRD CTMS): The eHRD CTMS product from Sunnet is affected by an Arbitrary File Reading vulnerability caused by a Relative Path Traversal flaw in the file handling logic. This could allow remote attackers with administrator privileges to download arbi...
Sunnet eHRD CTMS security vulnerability
Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from China's Sunnet. A security vulnerability exists in Sunnet eHRD CTMS that stems from a relative path traversal issue that could lead to arbitrary file reads...
CVE-2024-13982
SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...
Linux Distros Unpatched Vulnerability : CVE-2023-41886
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, an arbitrary file read vulnerability allows any...
Linux Distros Unpatched Vulnerability : CVE-2022-0244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible by importing a group due to incorre...
Linux Distros Unpatched Vulnerability : CVE-2021-22234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all...
Linux Distros Unpatched Vulnerability : CVE-2019-9892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as...
CVE-2025-33037 Qsync Central
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...
CVE-2025-30271
The CVE-2025-30271 entry describes a path-traversal vulnerability affecting QNAP QTS and QuTS hero. A remote attacker who has an existing user account could read contents of unexpected files or system data. The issue has been addressed in fixed releases: QTS 5.2.5.3145 build 20250526 and later, a...
GO-2025-3909 Dpanel has an arbitrary file read vulnerability in github.com/donknap/dpanel
Dpanel has an arbitrary file read vulnerability in github.com/donknap/dpanel...
GO-2025-3897 CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o
CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o...
CVE-2025-9217 Slider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images'
The Slider Revolution plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.7.36 via the 'used_svg' and 'used_images' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary fil...
CVE-2025-9639 Ai3|QbiCRMGateway - Arbitrary File Reading through Path Traversal
The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
WordPress plugin Slider Revolution path traversal vulnerability
WordPress Slider Revolution plugin is a powerful rotating slider plugin for the WordPress platform, providing a visual editor, rich preset templates and animation effects, supporting responsive design and multi-device compatibility. WordPress Slider Revolution plugin has a path traversal...