Lucene search
K

9 matches found

CVE
CVE
added 2026/03/31 9:5 p.m.50 views

CVE-2026-34401

XML Notepad is affected by an XXE flaw in which DTD processing was not disabled by default prior to version 2.9.0.21, allowing external entities to be resolved. The issue could cause the application to make outbound HTTP/SMB requests and potentially leak local file contents or NTLM credentials. T...

6.5CVSS5.7AI score0.00986EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/17 8:33 p.m.4 views

GHSA-2CPP-J2FC-QHP7 AWS API MCP File Access Restriction Bypass

Description The AWS API MCP Server is an open source Model Context Protocol MCP server that enables AI assistants to interact with AWS services and resources through AWS CLI commands. It provides programmatic access to manage your AWS infrastructure while maintaining proper security controls. Thi...

6.8CVSS5.9AI score0.00131EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/06/22 12:0 a.m.3 views

Advantech R-SeeNet 安全漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms. A security vulnerability exists in Advantech R-SeeNet version 2.4.22, which allows a low-level user ...

8.8CVSS7.7AI score0.00647EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/06/11 8:35 p.m.24 views

CVE-2019-12154

XXE in the XML parser library in RealObjects PDFreactor before 10.1.10722 allows attackers to supply malicious XML content in externally referenced resources, leading to disclosure of local file contents and/or denial of service conditions...

8.8AI score0.02305EPSS
Exploits0References3
OSV
OSV
added 2018/12/11 5:29 p.m.4 views

UBUNTU-CVE-2018-19968

An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has...

6.5CVSS6.8AI score0.03254EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2016/12/15 12:0 a.m.6 views

The vulnerabilities of browsers Internet Explorer and Microsoft Edge allow attackers to access the content of local files.

The vulnerability of browsers Internet Explorer and Microsoft Edge is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to access the content of local files remotely...

2.6CVSS6.4AI score0.11616EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2015/03/05 2:4 p.m.7 views

Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)

An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file...

4.3CVSS6.8AI score0.02549EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/09/20 12:0 a.m.39 views

Safari < 6.0.1 Multiple Vulnerabilities

Binary data 6582.prm...

9.3CVSS9.8AI score0.04129EPSS
Exploits2References61
Exploit DB
Exploit DB
added 2008/04/29 12:0 a.m.45 views

SugarCRM Community Edition 4.5.1/5.0.0 - File Disclosure

Name SugarCRM – Local File Disclosure SugarCRM http://www.sugarcrm.com/docs/ReleaseNotes/OpenSourceReleaseNotes4.5.1j/ Advisories SugarReleaseNotes4.5.1j.2.6.html Bug 20522 http://dl.sugarforge.org/sugarcrm/SugarCE5.0Latest/SugarCE5.0.0/ SugarCommunityEditionReleaseNotes5.0c.pdf Bug 20342 Date...

7.4AI score
Exploits0
Rows per page
Query Builder