Lucene search
K

2684 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-53480

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory 'path...

2.7CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 5 days ago4 views

CVE-2026-53480

Dell PowerProtect Data Domain (versions 7.7.1.0–8.7, LTS2026 8.6.1.0–8.6.1.10, LTS2025 8.3.1.0–8.3.1.30, LTS2024 7.13.1.0–7.13.1.70) contains a path traversal vulnerability due to an improper limitation of a pathname to a restricted directory. A high-privilege attacker with remote access could po...

2.7CVSS6AI score0.00263EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-53480

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory 'path...

2.7CVSS0.00263EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-42244

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory 'path...

2.7CVSS6AI score0.00263EPSS
Exploits0References1
NVD
NVD
added last week9 views

CVE-2026-5268

An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation...

9.1CVSS0.0042EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/22 5:32 p.m.8 views

dotnet: .NET: Local file tampering via link following vulnerability

A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...

6.2CVSS5.8AI score0.00388EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/06/22 9:41 a.m.6 views

WordPress Simple File List plugin <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action vulnerability

Missing Authorization to Unauthenticated File Modification via simplefilelisteditjob AJAX Action vulnerability discovered by WordFence in WordPress Plugin Simple File List versions = 6.3.7...

7.5CVSS5.9AI score0.00433EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/20 9:16 a.m.15 views

CVE-2026-11912

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is...

7.5CVSS0.00433EPSS
Exploits0References7
CVE
CVE
added 2026/06/20 8:29 a.m.34 views

CVE-2026-11912

The CVE-2026-11912 entry documents a vulnerability in the WordPress Simple File List plugin (≤ 6.3.7) where insufficient authorization allows arbitrary file modification. The issue affects all versions up to 6.3.7 and enables unauthenticated attackers to delete/modify files on the server. The roo...

7.5CVSS6AI score0.00433EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/20 8:29 a.m.9 views

EUVD-2026-38105

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is...

7.5CVSS6AI score0.00433EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/20 8:29 a.m.10 views

CVE-2026-11912

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is...

7.5CVSS6AI score0.00433EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.24 views

PT-2026-51132

Name of the Vulnerable Software and Affected Versions Simple File List versions prior to 6.3.8 Description The Simple File List plugin for WordPress contains insufficient authorization checks that allow unauthenticated attackers to delete and modify files on the server. This issue occurs within t...

7.5CVSS5.9AI score0.00433EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.9 views

CVE-2026-46748

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

8.8CVSS5.5AI score0.00206EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/09 5:4 p.m.7 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

6.9CVSS5.3AI score0.00388EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 5:4 p.m.12 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

6.9CVSS5.3AI score0.00388EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 5:4 p.m.8 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

6.9CVSS5.3AI score0.00388EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/09 5:4 p.m.7 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

6.9CVSS5.3AI score0.00388EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 10:16 a.m.21 views

CVE-2026-46748

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

8.8CVSS0.00206EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 8:46 a.m.13 views

EUVD-2026-35385

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...

8.8CVSS5.5AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.9 views

CVE-2026-42497

A flaw was found in perl-Archive-Tar. This vulnerability allows an attacker to craft a malicious tar archive that, when extracted, can create hardlinks to arbitrary files outside the intended extraction directory. This could lead to the modification of sensitive files on the system, potentially...

7.5CVSS5.5AI score0.00417EPSS
Exploits0References6
Rows per page
Query Builder