301 matches found

RedhatCVE
added 2026/01/09 12:31 p.m. | 5 views

CVE-2023-4216

The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however...

CVSS 2.7 | AI score 6.6 | EPSS 0.0017
Exploits: 2 | References: 1

RedhatCVE
added 2026/01/09 10:47 a.m. | 6 views

CVE-2022-31246

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request e.g., within QR code data. On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename...

CVSS 5.5 | AI score 7 | EPSS 0.00257
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:28 a.m. | 5 views

CVE-2019-12172

Typora 0.9.9.21.1 1913 allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137...

CVSS 7.8 | AI score 7.5 | EPSS 0.02535
Exploits: 6 | References: 1

Vulnrichment
added 2025/12/17 8:46 p.m. | 1 views

CVE-2025-43526

This issue was addressed with improved URL validation. This issue is fixed in macOS Tahoe 26.2, Safari 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted...

AI score 5.6 | EPSS 0.0005
Exploits: 0 | References: 2

Cvelist
added 2025/12/17 8:46 p.m. | 21 views

CVE-2025-43526

This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted...

EPSS 0.0005
Exploits: 0 | References: 2

CVE
added 2025/12/17 8:46 p.m. | 14 views

CVE-2025-43526

CVE-2025-43526 affects Apple macOS Tahoe < 26.2 and Safari

CVSS 9.8 | AI score 5.8 | EPSS 0.0005
Exploits: 0 | References: 2 | Affected Software: 2

CNNVD
added 2025/12/17 12:0 a.m. | 1 views

Apple Safari and Apple macOS Security Vulnerability

Apple Safari and Apple macOS are both products of Apple Inc. Apple Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. Apple macOS is a specialized operating system developed specifically for Mac computers. A security vulnerability exists in...

CVSS 9.8 | AI score 6 | EPSS 0.0005
Exploits: 0 | References: 3

Github Security Blog
added 2025/12/16 10:32 p.m. | 6 views

@vitejs/plugin-rsc has an Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint

Summary: The /__vite_rsc_findSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sending a crafted HTTP request with a file:// URL in the filename query parameter. Severity:...

CVSS 7.5 | AI score 6.6 | EPSS 0.0118
Exploits: 0 | References: 6 | Affected Software: 1

Snyk
added 2025/12/16 6:44 p.m. | 1 views

Directory Traversal

Overview: @vitejs/plugin-rsc provides React Server Components (RSC) support for Vite. Affected versions of this package are vulnerable to Directory Traversal via the /__vite_rsc_findSourceMapURL endpoint when processing HTTP requests containing a file:// URL in the filename query parameter. An attacker can...

CVSS 8.7 | AI score 7.5 | EPSS 0.0118
Exploits: 0 | References: 2

EUVD
added 2025/12/16 6:20 p.m. | 2 views

EUVD-2025-203834

@vitejs/plugin-rsc provides React Server Components (RSC) support for Vite. Prior to version 0.5.8, the /__vite_rsc_findSourceMapURL endpoint in @vitejs/plugin-rsc allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sendi...

CVSS 7.5 | AI score 6.5 | EPSS 0.0118
Exploits: 0 | References: 5

CVE
added 2025/12/16 6:20 p.m. | 15 views

CVE-2025-68155

The CVE concerns @vitejs/plugin-rsc (used with Vite) in development mode. Prior to version 0.5.8, the endpoint /__vite_rsc_findSourceMapURL accepts a file:// URL in the filename query parameter, converts it to a filesystem path, and reads the target file without validating its location, returning...

CVSS 7.5 | AI score 6.6 | EPSS 0.0118
Exploits: 0 | References: 4

Hacker One
added 2025/11/30 12:7 a.m. | 20 views

curl: Path Traversal in file:// protocol allows Arbitrary File Read

Summary: The file:// protocol handler in curl does not properly sanitise or block path traversal sequences ../. This allows a maliciously crafted file:// URL to escape the intended directory and access arbitrary files on the filesystem with the permissions of the user running curl. When curl is...

AI score 6.7
Exploits: 0

OSV
added 2025/10/31 2:13 p.m. | 1 views

OESA-2025-2593 firefox security update

Security Fixes: If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from differen...

CVSS 8.8 | AI score 7.3 | EPSS 0.00309
Exploits: 0 | References: 5

OSV
added 2025/10/31 2:13 p.m. | 1 views

OESA-2025-2592 firefox security update

Security Fixes: If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from differen...

CVSS 8.8 | AI score 7.3 | EPSS 0.00309
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2008-4889

Malware in sbrugna...

CVSS 10 | AI score 6.2 | EPSS 0.07246
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2009-0048

Malware in sbrugna...

CVSS 6.8 | AI score 6.9 | EPSS 0.09919
Exploits: 2 | References: 38

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-3821

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.00537
Exploits: 5 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2012-4828

Malware in sbrugna...

CVSS 5 | AI score 6.1 | EPSS 0.00233
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2009-2992

Malware in sbrugna...

CVSS 4.3 | AI score 6.1 | EPSS 0.0025
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-3624

Malware in sbrugna...

CVSS 9.3 | AI score 6.2 | EPSS 0.01864
Exploits: 1 | References: 7