Lucene search
K

79 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24288

Malicious code in bioql PyPI...

5.5CVSS6.4AI score0.00364EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/08/23 1:37 a.m.195 views

Exploit for External Control of File Name or Path in Microsoft

CVE-2025-33053 POC Exploit Overview The working director...

8.8CVSS9.7AI score0.81558EPSS
Exploits10
Snyk
Snyk
added 2025/08/20 6:45 p.m.8 views

External Control of File Name or Path

Overview @directus/api is a real-time API and App dashboard for managing SQL database content Affected versions of this package are vulnerable to External Control of File Name or Path via the write and join method, which used the fullPath method to create the absolute path. An attacker can upload...

9.3CVSS7.8AI score0.00438EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.4 views

CVE-2025-53769

External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally...

5.5CVSS7.2AI score0.00364EPSS
Exploits0References1
OSV
OSV
added 2025/07/08 5:16 p.m.8 views

CVE-2025-49760

External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network...

3.5CVSS5.8AI score0.01256EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 5:24 p.m.5 views

CVE-2025-47956

External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally...

5.5CVSS5.8AI score0.00447EPSS
Exploits0References1
Amazon
Amazon
added 2025/06/10 12:0 a.m.7 views

Important: dotnet8.0

Issue Overview: External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. CVE-2025-26646 Affected Packages: dotnet8.0 Issue Correction: Run dnf update dotnet8.0 --releasever 2023.7.20250609 or...

8CVSS6.8AI score0.011EPSS
Exploits0
Snyk
Snyk
added 2025/03/20 12:32 p.m.3 views

External Control of File Name or Path

Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to External Control of File Name or Path via the restorerunbackup function. An attacker can write arbitrary data to arbitrary locations on the host server by controlling...

9.1CVSS7.2AI score0.0081EPSS
Exploits1References2
NVD
NVD
added 2024/09/25 1:15 a.m.11 views

CVE-2024-9142

External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642...

9.8CVSS0.00422EPSS
Exploits0References2
OSV
OSV
added 2023/12/14 3:30 p.m.21 views

GHSA-GQRQ-J6PM-98C2 External Control of File Name or Path in h2oai/h2o-3

Remote unauthenticated attackers can overwrite arbitrary server files with attacker-controllable data. The data that the attacker can control is not entirely arbitrary. h2o writes a CSV/XLS/etc file to disk, so the attacker data is wrapped in quotations and starts with "C1", if they're exporting ...

9.3CVSS8.2AI score0.00715EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/12/14 12:59 p.m.7 views

CVE-2023-6569 External Control of File Name or Path in h2oai/h2o-3

External Control of File Name or Path in h2oai/h2o-3...

9.3CVSS8.2AI score0.00715EPSS
Exploits1References1
Snyk
Snyk
added 2023/10/05 5:51 a.m.6 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the curleasyduphandle function, allowing an attacker to insert cookies into a running program using this library. When this function is used to duplicate an easy handle with cookies enabled, the...

4.5CVSS7.4AI score0.06208EPSS
Exploits0References2
OSV
OSV
added 2023/05/02 9:31 p.m.42 views

GHSA-22GJ-8QJ2-FJ46 Moodle External Control of File Name or Path vulnerability

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system...

5.3CVSS5.8AI score0.06583EPSS
Exploits3References12
ATTACKERKB
ATTACKERKB
added 2022/12/07 1:15 a.m.3 views

CVE-2022-45918

ILIAS before 7.16 allows External Control of File Name or Path...

6.5CVSS6.6AI score0.01178EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2022/01/04 12:0 a.m.4 views

PT-2022-10731 · Ws-Scrcpy · Ws-Scrcpy

Name of the Vulnerable Software and Affected Versions: ws-scrcpy affected versions not specified Description: The issue allows for external control of file name or path. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

7.5CVSS7.5AI score0.01227EPSS
Exploits1References5
OSV
OSV
added 2020/06/29 12:15 p.m.2 views

DEBIAN-CVE-2019-3681

A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that c...

9.8CVSS7.2AI score0.01424EPSS
Exploits1References1
OSV
OSV
added 2020/06/29 12:15 p.m.3 views

UBUNTU-CVE-2019-3681

A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that c...

9.8CVSS5.9AI score0.01424EPSS
Exploits1References3
CNVD
CNVD
added 2019/12/06 12:0 a.m.4 views

QNAP Systems Photo Station File Name or Path External Control Vulnerability

QNAP Systems Photo Station is a photo management and viewing application from QNAP Systems. A file name or path external control vulnerability exists in QNAP Systems Photo Station, which can be exploited by remote attackers to access or modify system files...

9.8CVSS9AI score0.89681EPSS
Exploits9References1
OSV
OSV
added 2018/06/26 4:29 p.m.1 views

DEBIAN-CVE-2018-1000532

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users...

4.7CVSS6.7AI score0.0035EPSS
Exploits0References1
Rows per page
Query Builder