Lucene search
K

197 matches found

cve
cve
added 2025/07/25 1:20 p.m.78 views

CVE-2025-38409

CVE-2025-38409 affects the Linux kernel, specifically the drm/msm path. The issue is a leak in the submit error path where put_unused_fd() fails to free the installed file if fd_install() has already occurred, leading to a leaked resource (sync_file). The patch fixes the leak by freeing the sync_...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References6Affected Software1
redhatcve
redhatcve
added 2025/06/23 8:39 a.m.6 views

CVE-2025-50202

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

7.5CVSS7AI score0.00519EPSS
Exploits0References1
nvd
nvd
added 2025/06/18 5:15 a.m.7 views

CVE-2025-50202

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

7.5CVSS0.00519EPSS
Exploits0References3
osv
osv
added 2025/06/18 4:13 a.m.6 views

CVE-2025-50202 Lychee Path Traversal Vulnerability

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

7.5CVSS6.5AI score0.00519EPSS
Exploits0References5
cvelist
cvelist
added 2025/06/18 4:13 a.m.11 views

CVE-2025-50202 Lychee Path Traversal Vulnerability

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

7.5CVSS0.00519EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/06/18 4:13 a.m.4 views

CVE-2025-50202 Lychee Path Traversal Vulnerability

Lychee is a free photo-management tool. In versions starting from 6.6.6 to before 6.6.10, an attacker can leak local files including environment variables, nginx logs, other user's uploaded images, and configuration secrets due to a path traversal exploit in SecurePathController.php. This issue h...

7.5CVSS7.4AI score0.00519EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/06/05 12:0 a.m.7 views

PT-2025-23906 · Crates.Io · Deno

Summary Static imports are exempted from the network permission check. An attacker could exploit this to leak the password file on the network. Details Static imports in Deno are exempted from the network permission check. This can be exploited by attackers in multiple ways, when third-party code...

5.3CVSS6.8AI score0.00842EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/05/23 9:8 a.m.4 views

CVE-2024-56353

In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies...

6.5CVSS7AI score0.00304EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:8 a.m.17 views

CVE-2024-45189

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request...

6.5CVSS7AI score0.00881EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/23 7:27 a.m.5 views

CVE-2024-45190

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request...

6.5CVSS7AI score0.00859EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 7:26 a.m.7 views

CVE-2024-45188

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "File Content" request...

6.5CVSS7AI score0.00881EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 4:15 a.m.12 views

CVE-2023-40850

netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway...

7.5CVSS7.1AI score0.00727EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/23 12:25 a.m.7 views

CVE-2022-32556

An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log files with certain crashes...

7.5CVSS6.9AI score0.00768EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 8:49 p.m.6 views

CVE-2021-22024

The vRealize Operations Manager API 8.x prior to 8.5 contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure...

7.5CVSS6.8AI score0.01038EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 6:53 p.m.13 views

CVE-2021-43734

kkFileview v4.0.0 has arbitrary file read through a directory traversal vulnerability which may lead to sensitive file leak on related host...

7.5CVSS6.8AI score0.10728EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/22 6:54 a.m.7 views

CVE-2018-19279

PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater...

4.3CVSS7AI score0.00212EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/05/08 12:0 a.m.5 views

OpenStack Ironic 安全漏洞

OpenStack Ironic is an integrated OpenStack program open-sourced by OpenStack. It is used to configure bare metal rather than virtual machines. A security vulnerability exists in OpenStack Ironic versions prior to 29.0.1, which stems from an unexpected file that may be written to the target node...

2.8CVSS5.4AI score0.00155EPSS
Exploits0References3
osv
osv
added 2025/04/16 3:16 p.m.6 views

UBUNTU-CVE-2025-22073

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufsnewfile failure It's called from spufsfilldir, and caller of that will do spufsrmdir in case of failure. That does remove everything we'd managed to create, but... the problem dentry is still negative...

5.5CVSS6.2AI score0.00185EPSS
Exploits0References50
cvelist
cvelist
added 2025/04/15 10:24 a.m.21 views

CVE-2025-32943 PeerTube HLS Video Files Path Traversal

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint...

3.7CVSS0.00443EPSS
Exploits1References2
osv
osv
added 2025/04/15 10:24 a.m.5 views

CVE-2025-32943 PeerTube HLS Video Files Path Traversal

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint...

3.7CVSS6AI score0.00443EPSS
Exploits1References5
Rows per page
Query Builder