Lucene search
+L

82 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28139

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00525EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-24209

Malicious code in bioql PyPI...

6.9CVSS6.5AI score0.0092EPSS
Exploits0References2
CVE
CVE
added 2025/08/27 4:23 p.m.21 views

CVE-2025-20295

CVE-2025-20295 affects Cisco UCS Manager Software (CLI) where an authenticated local attacker with administrative privileges can read, create, or overwrite files on the device’s underlying OS due to insufficient input validation of command arguments. The root cause is input validation failure in ...

6CVSS6.4AI score0.00179EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.7 views

PT-2025-34892 · Cisco · Cisco Ucs Manager

Name of the Vulnerable Software and Affected Versions: Cisco UCS Manager Software affected versions not specified Description: A vulnerability in the Cisco UCS Manager Software Command Line Interface CLI may allow an authenticated, local attacker with administrative privileges to read, create, or...

6CVSS6.1AI score0.00179EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/16 5:26 p.m.7 views

CVE-2025-20251

A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If...

8.5CVSS7.5AI score0.00436EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 4:29 p.m.26 views

CVE-2025-20251

CVE-2025-20251 affects Cisco Secure Firewall ASA/FTD VPN Web Server: authenticated remote attacker can use crafted HTTP requests to create or delete arbitrary files on the OS due to insufficient input validation, potentially dropping VPN sessions and causing DoS; device reboot may be required. Ex...

8.5CVSS7.4AI score0.00436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 4:28 p.m.3 views

CVE-2025-20148 Cisco Secure Firewall Management Center HTML Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...

8.5CVSS6.9AI score0.0043EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 2:24 a.m.14 views

CVE-2025-42946

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

6.9CVSS7.1AI score0.0092EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/13 9:4 p.m.4 views

CVE-2025-34154 UnForm Server Manager < 10.1.12 Unauthenticated Arbitrary File Read

UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability via its log file analysis interface. The flaw resides in the arc endpoint, which accepts a fl parameter to specify the log file to be opened. Due to insufficient input validation and lack of path...

9.2CVSS7.1AI score0.00645EPSS
Exploits0References4
NVD
NVD
added 2025/08/12 3:15 a.m.5 views

CVE-2025-42946

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

6.9CVSS0.0092EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/12 2:7 a.m.15 views

CVE-2025-42946 Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management)

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

6.9CVSS0.0092EPSS
Exploits0References2
CVE
CVE
added 2025/08/12 2:7 a.m.25 views

CVE-2025-42946

CVE-2025-42946 is a directory traversal vulnerability in SAP S/4HANA Bank Communication Management. An attacker with high privileges and access to a specific transaction/method could read or delete sensitive operating-system files, causing high confidentiality impact and low integrity impact; ava...

6.9CVSS7.1AI score0.0092EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/12 2:7 a.m.3 views

CVE-2025-42946 Directory Traversal vulnerability in SAP S/4HANA (Bank Communication Management)

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

6.9CVSS7.1AI score0.0092EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.9 views

PT-2025-32607 · Sap · Sap S/4Hana

Name of the Vulnerable Software and Affected Versions: SAP S/4HANA Bank Communication Management affected versions not specified Description: A directory traversal issue exists in SAP S/4HANA Bank Communication Management. An attacker with elevated privileges and access to a specific transaction...

6.9CVSS6.9AI score0.0092EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/23 8:2 a.m.7 views

CVE-2024-6049

The web server of Lawo AG vsm LTC Time Sync vTimeSync is affected by a "..." triple dot path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only...

7.5CVSS7.3AI score0.04325EPSS
Exploits1References1
CNVD
CNVD
added 2025/02/10 12:0 a.m.2 views

DELL PowerProtect DD Path Traversal Vulnerability

DELL PowerProtect DD is a family of data protection storage appliances from Dell, built on the Data Domain platform and designed for enterprise-level users. The DELL PowerProtect DD suffers from a path traversal vulnerability that can be exploited by an attacker to illegally overwrite operating...

7.1CVSS6.9AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2024/05/14 11:15 p.m.6 views

CVE-2024-31475

There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI Aruba's access point management protocol. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to...

8.2CVSS5.9AI score0.00448EPSS
Exploits0References2
PyPA
PyPA
added 2023/12/13 10:15 a.m.7 views

PYSEC-2023-297

A path traversal vulnerability has been detected in Repox, which allows an attacker to read arbitrary files on the running server, resulting in a disclosure of sensitive information. An attacker could access files such as application code or data, backend credentials, operating system files...

7.5CVSS6.9AI score0.00829EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/12/13 10:15 a.m.18 views

Path traversal

A path traversal vulnerability has been detected in Repox, which allows an attacker to read arbitrary files on the running server, resulting in a disclosure of sensitive information. An attacker could access files such as application code or data, backend credentials, operating system files...

5CVSS7.1AI score0.00829EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/12/07 6:15 a.m.13 views

Directory traversal

An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...

5CVSS7.1AI score0.01311EPSS
Exploits0References4
Rows per page
Query Builder