CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

RedhatCVE•added 2025/12/17 7:0 p.m.•5 views

CVE-2025-46294

To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This...

5.3CVSS6.7AI score0.00041EPSS

Exploits0References1

CNNVD•added 2025/12/16 12:0 a.m.•2 views

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server, which stems from the IIS short filename enumeration feature and could lead to information disclosure...

5.3CVSS6.4AI score0.00041EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-50414

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00055EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-29622

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00314EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 3:54 a.m.•8 views

CVE-2023-46171

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408...

4.3CVSS5.8AI score0.00055EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:49 p.m.•4 views

CVE-2022-30515

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration...

5.3CVSS7.1AI score0.00221EPSS

Exploits1References1

CNNVD•added 2024/11/27 12:0 a.m.•2 views

Jenkins Plugin Filesystem List Parameter 路径遍历漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A path traversal...

4.3CVSS6.4AI score0.01476EPSS

Exploits0References2

CNVD•added 2024/03/12 12:0 a.m.•21 views

IBM DS8900F HMC Information Disclosure Vulnerability

The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. An information disclosure vulnerability exists in the IBM DS8900F HMC, which can be exploited by an attacker to read arbitrary files after...

6.5CVSS6.2AI score0.00052EPSS

Exploits0References1

OSV•added 2024/03/07 9:15 p.m.•1 views

CVE-2023-46171

4.3CVSS5.8AI score0.00055EPSS

Exploits0References2

CNNVD•added 2024/03/07 12:0 a.m.•3 views

IBM DS8900F HMC 信息泄露漏洞

6.5CVSS6.1AI score0.00052EPSS

Exploits0References3

OSV•added 2022/11/08 11:15 p.m.•2 views

CVE-2022-30515

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration...

5.3CVSS5.8AI score0.00221EPSS

Exploits1References2

Prion•added 2022/11/08 11:15 p.m.•22 views

Authentication flaw

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration...

5CVSS5.4AI score0.00221EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2022/11/08 12:0 a.m.•6 views

CVE-2022-30515

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration...

5.4AI score0.00221EPSS

Exploits1References2

Cvelist•added 2022/11/08 12:0 a.m.•13 views

CVE-2022-30515

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration...

5.7AI score0.00221EPSS

Exploits1References2

Positive Technologies•added 2022/11/08 12:0 a.m.•3 views

PT-2022-20152 · Zkteco · Zkteco Biotime

Name of the Vulnerable Software and Affected Versions: ZKTeco BioTime version 8.5.4 Description: The issue is related to missing authentication on folders containing employee photos. This allows an attacker to view the photos through filename enumeration. Recommendations: For ZKTeco BioTime versi...

5.3CVSS5.2AI score0.00221EPSS

Exploits1References5

OSV•added 2022/06/08 4:15 p.m.•1 views

CVE-2022-32273

As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...

4.3CVSS5.8AI score0.00155EPSS

Exploits0References2

CVE•added 2022/06/08 3:23 p.m.•65 views

CVE-2022-32273

OPSWAT MetaDefender Core (MDCore) prior to version 5.1.2 is affected. An observable discrepancy in returned messages can allow an authenticated user to enumerate filenames on the server, exposing directory/file names. The vulnerability is tied to the MDCore component and requires authentication. ...

4.3CVSS4.5AI score0.00155EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/04/11 8:20 p.m.•7 views

CVE-2022-24837 Enumerable upload file names in hedgedoc

HedgeDoc is an open-source, web-based, self-hosted, collaborative markdown editor. Images uploaded with HedgeDoc version 1.9.1 and later have an enumerable filename after the upload, resulting in potential information leakage of uploaded documents. This is especially relevant for private notes an...

5.3CVSS5.2AI score0.00314EPSS

Exploits0References3

OSV•added 2020/05/07 1:15 p.m.•0 views

CVE-2019-18867

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/...

7.5CVSS7.1AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by