11286 matches found

CVE
added 2025/06/19 10:38 a.m., 52 views

CVE-2025-32896

CVE-2025-32896 affects Apache SeaTunnel (

CVSS 6.5, AI score 7.1, EPSS 0.01039
Exploits: 0, References: 3, Affected Software: 1

CNNVD
added 2025/06/19 12:0 a.m., 6 views

Apache SeaTunnel access control error vulnerability

Apache SeaTunnel is an easy-to-use data integration framework from the Apache USA Foundation. An access control error vulnerability exists in Apache SeaTunnel version 2.3.10 and earlier, which originates from an unauthorized user being able to perform arbitrary file read and deserialization attac...

CVSS 6.5, AI score 8.9, EPSS 0.01039
Exploits: 0, References: 4

GithubExploit
added 2025/06/18 3:18 p.m., 923 views

Exploit for CVE-2025-1094

I have written this exploit with reference to the PoC available...

CVSS 9.8, AI score 8.4, EPSS 0.89472
Exploits: 14

OSV
added 2025/06/17 1:15 p.m., 3 views

CVE-2025-4365

Arbitrary file read in NetScaler Console and NetScaler SDX SVM...

CVSS 7.5, AI score 5.8, EPSS 0.07008
Exploits: 0, References: 1

NVD
added 2025/06/17 1:15 p.m., 13 views

CVE-2025-4365

Arbitrary file read in NetScaler Console and NetScaler SDX SVM...

CVSS 7.5, EPSS 0.07008
Exploits: 0, References: 1

CVE
added 2025/06/17 12:38 p.m., 39 views

CVE-2025-4365

The CVE-2025-4365 issue affects NetScaler Console and NetScaler SDX (SVM). It is an authenticated Arbitrary File Read vulnerability in the download API (nitro/v1/download), where input validation does not properly constrain the file path, enabling an admin to read arbitrary files on the system. V...

CVSS 7.5, AI score 6.6, EPSS 0.07008
Exploits: 0, References: 1, Affected Software: 2

Vulnrichment
added 2025/06/17 12:38 p.m., 6 views

CVE-2025-4365 NetScaler Console and NetScaler SDX (SVM) - Arbitrary file read

Arbitrary file read in NetScaler Console and NetScaler SDX SVM...

CVSS 6.9, AI score 7.1, EPSS 0.07008
Exploits: 0, References: 1

Cvelist
added 2025/06/17 12:38 p.m., 16 views

CVE-2025-4365 NetScaler Console and NetScaler SDX (SVM) - Arbitrary file read

Arbitrary file read in NetScaler Console and NetScaler SDX SVM...

CVSS 6.9, EPSS 0.07008
Exploits: 0, References: 1

CNVD
added 2025/06/17 12:0 a.m., 2 views

WordPress Apptha Slider Gallery plugin path traversal vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. A path traversal vulnerability exists in the WordPress Apptha Slider Gallery plugin, which stems from improper path restriction. An attacker can exploit the vulnerability to cau...

CVSS 7.5, AI score 7, EPSS 0.00461
Exploits: 0, References: 1

Positive Technologies
added 2025/06/17 12:0 a.m., 5 views

PT-2025-25649 · Citrix · Netscaler Console +1

Name of the Vulnerable Software and Affected Versions: NetScaler Console and NetScaler SDX SVM affected versions not specified Description: A security issue has been identified, allowing for arbitrary file read. This affects customer-managed environments. Recommendations: At the moment, there is ...

CVSS 7.5, AI score 6.3, EPSS 0.07008
Exploits: 0, References: 14

CNNVD
added 2025/06/17 12:0 a.m., 3 views

Citrix NetScaler Console and Citrix NetScaler SDX security vulnerability

Citrix NetScaler Console and Citrix NetScaler SDX are both products of Citrix Corporation, U.S.A. Citrix NetScaler Console is a cloud-based service that provides a unified, centralized console for managing, monitoring, and troubleshooting the entire NetScaler application delivery...

CVSS 7.5, AI score 6.6, EPSS 0.07008
Exploits: 0, References: 2

Vulnrichment
added 2025/06/16 9:46 a.m., 3 views

CVE-2025-25265 Unauthenticated File Read via Web Interface

A web application for configuring the controller is accessible at a specific path. It contains an endpoint that allows a high privileged remote attacker to read files from the system’s file structure...

CVSS 4.9, AI score 6.2, EPSS 0.00402
Exploits: 0, References: 1

Cvelist
added 2025/06/16 9:46 a.m., 15 views

CVE-2025-25265 Unauthenticated File Read via Web Interface

A web application for configuring the controller is accessible at a specific path. It contains an endpoint that allows a high privileged remote attacker to read files from the system’s file structure...

CVSS 4.9, EPSS 0.00402
Exploits: 0, References: 1

CVE
added 2025/06/16 9:46 a.m., 36 views

CVE-2025-25265

CVE-2025-25265 concerns an unauthenticated file read via the web interface of WAGO Device Manager. The connected sources confirm a web application endpoint that can be accessed remotely by a high-privilege attacker to read files from the system’s file structure. The description across multiple fe...

CVSS 4.9, AI score 6.2, EPSS 0.00402
Exploits: 0, References: 1

BDU FSTEC
added 2025/06/16 12:0 a.m., 7 views

The vulnerability of the M-Files Server platform’s interface allows a perpetrator to read arbitrary files.

The vulnerability of the M-Files Server platform’s automation interface is related to incorrect restrictions on the path name to the restricted catalog during the processing of the final point. Exploiting this vulnerability allows a malicious actor to remotely read arbitrary files...

CVSS 7.7, AI score 5.6, EPSS 0.10344
Exploits: 1, References: 3, Affected Software: 1

Cvelist
added 2025/06/14 8:23 a.m., 15 views

CVE-2025-4187 UserPro - Community and User Profile WordPress Plugin <= 5.1.10 - Unauthenticated Arbitrary File Read

The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.1.10 via the userprofbconnect function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the...

CVSS 5.9, EPSS 0.00631
Exploits: 0, References: 2

Vulnrichment
added 2025/06/14 8:23 a.m., 3 views

CVE-2025-4187 UserPro - Community and User Profile WordPress Plugin <= 5.1.10 - Unauthenticated Arbitrary File Read

The UserPro - Community and User Profile WordPress Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 5.1.10 via the userprofbconnect function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the...

CVSS 5.9, AI score 5.6, EPSS 0.00631
Exploits: 0, References: 2

CVE
added 2025/06/14 8:23 a.m., 42 views

CVE-2025-4187

CVE-2025-4187 – UserPro plugin (WordPress) Affects: UserPro - Community and User Profile WordPress Plugin

CVSS 5.9, AI score 5.6, EPSS 0.00631
Exploits: 0, References: 2

RedhatCVE
added 2025/06/13 5:34 p.m., 4 views

CVE-2025-22242

Worker process denial of service through file read operation. A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerability by...

CVSS 5.6, AI score 5.5, EPSS 0.00122
Exploits: 0, References: 2

OSV
added 2025/06/13 9:30 a.m., 3 views

GHSA-989C-M532-P2HV Salt's worker process vulnerable to denial of service through file read operation

Worker process denial of service through file read operation. A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerability by...

CVSS 5.6, AI score 7.1, EPSS 0.00122
Exploits: 0, References: 5