Lucene search
K

692 matches found

NVD
NVD
added 4 hours ago5 views

CVE-2026-52902

A path traversal vulnerability was found in awxkit, the CLI tool for AWX. The YAML !include directive does not sanitize file paths, allowing an attacker to craft a malicious YAML file that reads arbitrary YAML-formatted files from the local filesystem when a user imports it using "awx --conf.form...

4.7CVSS
Exploits0References2
CVE
CVE
added 5 hours ago12 views

CVE-2026-52902

CVE-2026-52902 affects awxkit (AWX CLI). The YAML !include directive permits path traversal, enabling an attacker to craft a YAML file that reads arbitrary local YAML files when a user imports it via awx --conf.format yaml import. This is a client-side vulnerability requiring user interaction. Mi...

4.7CVSS5.5AI score
Exploits0References2
Nuclei
Nuclei
added 9 hours ago32 views

LocalAI - Partial Local File Read

A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery SSRF and partial Local File Inclusion LFI. The endpoint supports both https-// and file-// schemes, where the latter can lead to LFI. However, the output is limited due to the...

5.8CVSS6.2AI score0.86379EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago68 views

Vitest Browser Mode - Local File Read

Vitest is a testing framework powered by Vite. The screenshot-error handler on the browser mode HTTP server that responds any file on the file system. Especially if the server is exposed on the network by browser.api.host- true, an attacker can send a request to that handler from remote to get th...

7.5CVSS7.9AI score0.23641EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added yesterday6 views

Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only readparquet and arcpartitionagg via regex denylist. The broader DuckDB I/O function family — readcsvauto, readcsv, readjson, readjsonauto, readtext, readblob, glob, parquetmetadata, parquetschema, readxlsx, etc...

5.6AI score
Exploits0References4Affected Software1
OSV
OSV
added yesterday2 views

GHSA-P2J4-C4G6-RPF5 Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only readparquet and arcpartitionagg via regex denylist. The broader DuckDB I/O function family — readcsvauto, readcsv, readjson, readjsonauto, readtext, readblob, glob, parquetmetadata, parquetschema, readxlsx, etc...

7.1CVSS5.6AI score
Exploits0References4
NCSC
NCSC
added yesterday16 views

Vulnerabilities present in IBM Aspera High-Speed Transfer Endpoint and Server

IBM has identified vulnerabilities in the IBM Aspera High-Speed Transfer Endpoint and Server versions 3.7.4 through 4.4.7 Fix Pack 1. These vulnerabilities reside in the asperahttpd component of the IBM Aspera High-Speed Transfer Endpoint and Server products. A buffer overflow can lead to...

9.8CVSS6.1AI score0.00459EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday233 views

Eclipse Mojarra - Local File Read

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. id: CVE-2020-6950 info: name: Eclipse Mojarra - Local File Read author: iamnoooob,pdresearch severity: medium description: | Directory traversal in Eclipse Mojarra...

6.5CVSS7AI score0.51657EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday6 views

Apache CXF < 4.0.4 - Aegis DataBinding SSRF / Local File Read

Apache CXF before 4.0.4, 3.6.3 and 3.5.8 has a Server-Side Request Forgery SSRF vulnerability when using the Aegis DataBinding. The XOP Include mechanism in multipart SOAP requests can be abused to read local files or make server-side HTTP requests to arbitrary URLs. An attacker can use this to...

9.3CVSS7.1AI score0.50829EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday32 views

BOA Web Server 0.94.14 - Arbitrary File Access

BOA Web Server 0.94.14 is susceptible to arbitrary file access. The server allows the injection of "../.." using the FILECAMERA variable sent by GET to read files with root privileges and without using access credentials. id: CVE-2017-9833 info: name: BOA Web Server 0.94.14 - Arbitrary File Acces...

7.8CVSS7.6AI score0.84527EPSS
Exploits6References5
ATTACKERKB
ATTACKERKB
added yesterday5 views

CVE-2022-50953

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.0015EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added yesterday6 views

EUVD-2022-56000

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.0015EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added yesterday4 views

CVE-2022-50953 WordPress Plugin admin-word-count-column 2.2 Local File Read

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.0015EPSS
Exploits0References3
CVE
CVE
added yesterday10 views

CVE-2022-50953

The CVE concerns the WordPress plugin admin-word-count-column version 2.2 . A vulnerability allows unauthenticated local file read via crafted requests to download-csv.php, exploiting a null byte injection in the path parameter to bypass restrictions and read arbitrary files (e.g., system configu...

6.9CVSS5.6AI score0.0015EPSS
Exploits0References3
Cvelist
Cvelist
added yesterday29 views

CVE-2022-50953 WordPress Plugin admin-word-count-column 2.2 Local File Read

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS0.0015EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added yesterday5 views

PT-2026-47575

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only read parquet and arc partition agg via regex denylist. The broader DuckDB I/O function family — read csv auto, read csv, read json, read json auto, read text, read blob, glob, parquet metadata, parquet schema,...

7.1CVSS5.6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-47231

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.0015EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

9.2CVSS5.5AI score0.00037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-41882

In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server...

7.5CVSS5.5AI score0.00001EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-5478

The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and including, 3.4.4. This is due to the plugin trusting attacker-controlled oldfiles data from public form submissions as legitimate server-side upload state, and converting...

8.1CVSS5.6AI score0.00059EPSS
Exploits0References1
Rows per page
Query Builder