11287 matches found

RedhatCVE
added 2025/05/23 2:18 a.m. | 9 views

CVE-2023-51770

Arbitrary File Read Vulnerability in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue...

CVSS 7.5 | AI score 6.7 | EPSS 0.01239
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 2:4 a.m. | 9 views

CVE-2023-6038

A Local File Inclusion (LFI) vulnerability exists in the h2o-3 REST API, allowing unauthenticated remote attackers to read arbitrary files on the server with the permissions of the user running the h2o-3 instance. This issue affects the default installation and does not require user interaction. Th...

CVSS 9.3 | AI score 7 | EPSS 0.0434
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 1:46 a.m. | 9 views

CVE-2023-29962

S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability...

CVSS 6.5 | AI score 7.5 | EPSS 0.00657
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 1:5 a.m. | 8 views

CVE-2022-28444

UCMS v1.6 was discovered to contain an arbitrary file read vulnerability...

CVSS 7.5 | AI score 7.4 | EPSS 0.01462
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 12:41 a.m. | 7 views

CVE-2022-22279

A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access...

CVSS 4.9 | AI score 7.2 | EPSS 0.01068
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 12:37 a.m. | 13 views

CVE-2022-40954

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbitrary files in the task execution context, without write access to DAG files. This issue affects Spark Provider...

CVSS 5.5 | AI score 6.8 | EPSS 0.01383
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 12:26 a.m. | 5 views

CVE-2022-47747

kraken = 0.1.4 has an arbitrary file read vulnerability via the component testfs...

CVSS 7.5 | AI score 6.9 | EPSS 0.00799
Exploits: 1

RedhatCVE
added 2025/05/23 12:24 a.m. | 8 views

CVE-2022-46826

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability...

CVSS 6.2 | AI score 6.9 | EPSS 0.00222
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 12:20 a.m. | 8 views

CVE-2022-48094

lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction.class.php...

CVSS 4.9 | AI score 7.5 | EPSS 0.0067
Exploits: 1

RedhatCVE
added 2025/05/23 12:15 a.m. | 10 views

CVE-2022-46492

nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary...

CVSS 6.5 | AI score 7.5 | EPSS 0.00496
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 12:10 a.m. | 6 views

CVE-2022-26271

74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php...

CVSS 7.5 | AI score 7.4 | EPSS 0.04633
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/23 12:6 a.m. | 7 views

CVE-2022-25497

CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function...

CVSS 5.3 | AI score 7.4 | EPSS 0.03642
Exploits: 1 | References: 1

Packet Storm
added 2025/05/23 12:0 a.m. | 82 views

ABB Cylon Aspect 3.08.03 logYumLookup.php Path Traversal

The ABB Cylon Aspect BAS controller is vulnerable to an authenticated hybrid path traversal vulnerability in logYumLookup.php due to insufficient validation of the logFile parameter. The script checks for the presence of an expected path /var/log/yum.log using strpos, which can be bypassed by...

AI score 6.9
Exploits: 0

Tenable Nessus
added 2025/05/23 12:0 a.m. | 5 views

Fedora 41 : yelp / yelp-xsl (2025-72469000ed)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-72469000ed advisory. Fix CVE-2025-3155 - arbitrary file-read. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

CVSS 7.4 | AI score 7.5 | EPSS 0.10598
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/22 11:43 p.m. | 7 views

CVE-2022-21687

gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus...

CVSS 6.8 | AI score 6.9 | EPSS 0.01003
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:40 p.m. | 5 views

CVE-2022-40715

An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily...

CVSS 6.5 | AI score 6.4 | EPSS 0.01044
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:39 p.m. | 3 views

CVE-2022-4140

The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file, which could allow an unauthenticated attacker to read arbitrary files on the server...

CVSS 7.5 | AI score 7.2 | EPSS 0.02941
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/22 11:35 p.m. | 4 views

CVE-2022-20353

In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

CVSS 5.5 | AI score 5.5 | EPSS 0.00095
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 11:19 p.m. | 3 views

CVE-2022-44299

SiteServerCMS 7.1.3 sscms has a file read vulnerability...

CVSS 4.9 | AI score 6.9 | EPSS 0.00826
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 11:9 p.m. | 8 views

CVE-2022-37299

An issue was discovered in Shirne CMS 1.2.0. There is a Path Traversal vulnerability which could cause arbitrary file read via /static/ueditor/php/controller.php...

CVSS 6.5 | AI score 7 | EPSS 0.02829
Exploits: 1 | References: 1