Lucene search
K

100 matches found

Cvelist
Cvelist
added 2026/01/09 7:53 a.m.27 views

CVE-2025-69194 Wget2: arbitrary file write via metalink path traversal in gnu wget2

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

8.8CVSS0.00707EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:42 a.m.8 views

CVE-1999-0229

Denial of service in Windows NT IIS server using ..\...

5CVSS6.9AI score0.05873EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-12635

Malware in sbrugna...

7.5CVSS7.6AI score0.01406EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-29480

Malicious code in bioql PyPI...

6.6AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-9197

Malicious code in bioql PyPI...

9.1CVSS9.2AI score0.02354EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2366

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00795EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2021-9182

Malicious code in bioql PyPI...

7.5CVSS7.8AI score0.01602EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-31908

Malicious code in bioql PyPI...

4.2CVSS6.6AI score0.00368EPSS
Exploits0References1
OSV
OSV
added 2025/09/02 8:15 p.m.6 views

CVE-2025-7975

Anritsu ShockLine CHX File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is required to exploit this vulnerability in that the target must visit...

7.8CVSS6.2AI score0.00454EPSS
Exploits0References1
OSV
OSV
added 2025/07/28 7:57 p.m.3 views

GO-2025-3799 LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement in github.com/lf-edge/ekuiper

LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement in github.com/lf-edge/ekuiper...

7AI score
Exploits0References2
Cvelist
Cvelist
added 2025/06/29 9:0 a.m.17 views

CVE-2025-6855 chatchat-space Langchain-Chatchat file path traversal

A vulnerability, which was classified as critical, has been found in chatchat-space Langchain-Chatchat up to 0.3.1. This issue affects some unknown processing of the file /v1/file. The manipulation of the argument flag leads to path traversal. The exploit has been disclosed to the public and may ...

5.5CVSS0.00552EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.5 views

CVE-2024-3318

A file path traversal vulnerability was identified in the DelimitedFileConnector Cloud Connector that allowed an authenticated administrator to set arbitrary connector attributes, including the “file“ attribute, which in turn allowed the user to access files uploaded for other sources...

4.2CVSS6.8AI score0.00368EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 10:39 p.m.66 views

CVE-2025-24907

CVE-2025-24907 concerns Hitachi Vantara Pentaho Data Integration & Analytics. Affected versions are before 10.2.0.2, including 9.3.x and 8.3.x. The issue arises because user input used as a file path through the CGG Draw API is not properly neutralized, allowing doubled triple-dot sequences ('......

6.8CVSS6.6AI score0.00383EPSS
Exploits0References1
Huntr
Huntr
added 2025/04/01 10:18 p.m.5 views

Hardlink-Based Path Traversal in ObsidianReader

Overview A vulnerability has been identified in the ObsidianReader class from llamaindex.readers.obsidian. This vulnerability allows an attacker to bypass the path restriction mechanism using hardlinks , enabling unauthorized access to sensitive system files such as /etc/passwd. Affected Componen...

6.2CVSS6.8AI score0.0029EPSS
Exploits1
OSV
OSV
added 2025/03/25 7:38 p.m.9 views

GO-2025-3564 ingress-nginx controller - auth secret file path traversal vulnerability in k8s.io/ingress-nginx

ingress-nginx controller - auth secret file path traversal vulnerability in k8s.io/ingress-nginx. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

4.8CVSS5AI score0.03517EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.7 views

PT-2024-36824

Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.48.05 Description The issue is related to improper input validation in the application, which can allow attackers to perform local file read LFR or path traversal attacks. These attacks occur when user...

8.6CVSS6AI score0.00691EPSS
Exploits0References17
GithubExploit
GithubExploit
added 2024/10/06 2:58 p.m.240 views

Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164 PoC This repository is a proof of concept PoC...

9.8CVSS9.9AI score0.80819EPSS
Exploits15
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.170 views

Cambium CnPilot R200/r201 File Path Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 File Path Traversal', 'Description' = %q This module exploits a File Path Traversal vulnerability in Cambium cnPilot...

8.8CVSS7.1AI score0.0889EPSS
Exploits2
Cvelist
Cvelist
added 2024/07/11 3:37 p.m.39 views

CVE-2024-39904 Code Execution Vulnerability via Local File Path Traversal in Vnote

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

8.8CVSS0.00657EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/11 3:37 p.m.10 views

CVE-2024-39904 Code Execution Vulnerability via Local File Path Traversal in Vnote

VNote is a note-taking platform. Prior to 3.18.1, a code execution vulnerability existed in VNote, which allowed an attacker to execute arbitrary programs on the victim's system. A crafted URI can be used in a note to perform this attack using file:/// as a link. For example,...

8.8CVSS7.5AI score0.00657EPSS
Exploits0References2
Rows per page
Query Builder