11270 matches found

Tenable Nessus
added 2025/09/02 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-26525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available such as those with TeX Live...

CVSS 8.6 | AI score 8 | EPSS 0.00409
Exploits: 0 | References: 2

Positive Technologies
added 2025/09/02 12:0 a.m. | 5 views

PT-2025-35641

Name of the Vulnerable Software and Affected Versions: Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress versions 5.1.16 through 6.1.1 Description: The plugin is susceptible to PHP Object Injection due to deserialization of untrusted input...

CVSS 6.5 | AI score 7.8 | EPSS 0.0053
Exploits: 0 | References: 6

Tenable Nessus
added 2025/09/02 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2019-19499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source...

CVSS 6.5 | AI score 6.9 | EPSS 0.03591
Exploits: 1 | References: 2

Tenable Nessus
added 2025/09/02 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-43426

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such ...

CVSS 7.5 | AI score 5.4 | EPSS 0.00597
Exploits: 0 | References: 2

Tenable Nessus
added 2025/09/02 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-28330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and...

CVSS 6.5 | AI score 6 | EPSS 0.01182
Exploits: 0 | References: 2

CVE
added 2025/09/01 2:46 a.m. | 19 views

CVE-2025-9570

Summary of findings for CVE-2025-9570 (Sunnet eHRD CTMS) : The eHRD CTMS product from Sunnet is affected by an Arbitrary File Reading vulnerability caused by a Relative Path Traversal flaw in the file handling logic. This could allow remote attackers with administrator privileges to download arbi...

CVSS 6.9 | AI score 6.6 | EPSS 0.00485
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2025/09/01 12:0 a.m. | 2 views

Sunnet eHRD CTMS Security Vulnerability

Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from Sunnet China Sunnet. A security vulnerability exists in Sunnet eHRD CTMS that stems from a relative path traversal issue that could lead to arbitrary file reads...

CVSS 6.9 | AI score 6.8 | EPSS 0.00485
Exploits: 0 | References: 3

RedhatCVE
added 2025/08/30 6:16 p.m. | 5 views

CVE-2024-13982

SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rjgettoken.php endpoint. The flaw arises from insufficient input validation on the jsondataurl parameter, which allows attackers to perfor...

CVSS 8.7 | AI score 7 | EPSS 0.00985
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/30 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-41886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRefine is a powerful free, open source tool for working with messy data. Prior to version 3.7.5, an arbitrary file read vulnerability allows any...

CVSS 7.5 | AI score 7.4 | EPSS 0.00834
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/30 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-0244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible by importing a group was due to incorre...

CVSS 8.6 | AI score 7.5 | EPSS 0.01659
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/30 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.11 before 13.11.7, all versions starting from 13.12 before 13.12.8, and all...

CVSS 9.6 | AI score 7 | EPSS 0.00997
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/30 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-9892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as...

CVSS 6.5 | AI score 5.8 | EPSS 0.01097
Exploits: 0 | References: 2

Cvelist
added 2025/08/29 5:17 p.m. | 5 views

CVE-2025-33037 Qsync Central

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central...

CVSS 7.2 | EPSS 0.00445
Exploits: 0 | References: 1

CVE
added 2025/08/29 5:16 p.m. | 21 views

CVE-2025-30271

The CVE-2025-30271 entry describes a path-traversal vulnerability affecting QNAP QTS and QuTS hero. A remote attacker who has an existing user account could read contents of unexpected files or system data. The issue has been addressed in fixed releases: QTS 5.2.5.3145 build 20250526 and later, a...

CVSS 6.5 | AI score 6.3 | EPSS 0.00445
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2025/08/29 2:52 p.m. | 2 views

GO-2025-3909 Dpanel has an arbitrary file read vulnerability in github.com/donknap/dpanel

Dpanel has an arbitrary file read vulnerability in github.com/donknap/dpanel...

CVSS 6.1 | AI score 7.1 | EPSS 0.00434
Exploits: 0 | References: 2

OSV
added 2025/08/29 2:52 p.m. | 3 views

GO-2025-3897 CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o

CRI-O has Potential High Memory Consumption from File Read in github.com/cri-o/cri-o...

CVSS 5.7 | AI score 7.1 | EPSS 0.00224
Exploits: 0 | References: 4

Vulnrichment
added 2025/08/29 10:54 a.m. | 11 views

CVE-2025-9217 Slider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images'

The Slider Revolution plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.7.36 via the 'used_svg' and 'used_images' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary fil...

CVSS 6.5 | AI score 5.3 | EPSS 0.00496
Exploits: 0 | References: 2

Cvelist
added 2025/08/29 10:54 a.m. | 6 views

CVE-2025-9217 Slider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images'

The Slider Revolution plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 6.7.36 via the 'used_svg' and 'used_images' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of arbitrary fil...

CVSS 6.5 | EPSS 0.00496
Exploits: 0 | References: 2

Cvelist
added 2025/08/29 3:39 a.m. | 6 views

CVE-2025-9639 Ai3|QbiCRMGateway - Arbitrary File Reading through Path Traversal

The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | EPSS 0.00536
Exploits: 0 | References: 2

CNNVD
added 2025/08/29 12:0 a.m. | 2 views

WordPress plugin Slider Revolution Path Traversal Vulnerability

WordPress Slider Revolution plugin is a powerful rotating slider plugin for the WordPress platform, providing a visual editor, rich preset templates and animation effects, supporting responsive design and multi-device compatibility. WordPress Slider Revolution plugin has a path traversal...

CVSS 6.5 | AI score 7 | EPSS 0.00496
Exploits: 0 | References: 4