Lucene search
K

53 matches found

Redos
Redos
added 2026/04/30 12:0 a.m.9 views

ROS-20260430-73-0004

Vulnerability in buildkit related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

9.8CVSS5.4AI score0.00498EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.6 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by Node.js’s built-in APIs. Versions 17.0 to 28.4.1, 27.3.4.9, and 26.2.5.18 of Erlang/OTP contain security vulnerabilities due to improper path name restrictions, which may lead to...

5.4CVSS7.1AI score0.00363EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.9 views

Hexpm 安全漏洞

Hexpm is a web page and interface developed by Hex. Hexpm has a security vulnerability, which stems from improper path name restrictions, potentially leading to relative path traversal...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.6 views

WordPress plugin User Extra Fields 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...

7.7CVSS5.8AI score0.00456EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.6 views

WordPress plugin User Extra Fields 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...

8.6CVSS5.8AI score0.00518EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress plugin Anona: Path traversal vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.6CVSS5.8AI score0.00458EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.9 views

The vulnerability of the WinRAR file archiver, related to incorrect restrictions on the path name of the restricted directory, allows a hacker to execute arbitrary code.

The vulnerability of the WinRAR file archiver is related to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability allows an attacker to execute arbitrary code during the extraction of a specially crafted file...

7.8CVSS7.8AI score0.80906EPSS
Exploits35References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/02 12:0 a.m.8 views

The vulnerability of operating systems iOS, iPadOS, and macOS arises from incorrect restrictions on path names in restricted access directories, allowing attackers to gain unauthorized access to confidential data.

The vulnerability of iOS, iPadOS, and macOS operating systems is related to incorrect restrictions on path names in restricted access directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data...

6.5CVSS5.5AI score0.00411EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.7 views

The vulnerability of the software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak System allows a perpetrator to expose protected information.

The vulnerability of software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak Systems is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected...

5.3CVSS5.9AI score0.00478EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.7 views

The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.

The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...

7.8CVSS5.5AI score0.14944EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.7 views

The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.

The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...

5.3CVSS5.5AI score0.00769EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.5 views

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS8.1AI score0.03189EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.7 views

The vulnerability of the Ivanti EPM endpoint management software lies in the incorrect limitation of the path name in the catalog, allowing a malicious actor to execute remote code.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability allows a remote attacker to execute malicious code remotely...

9CVSS7.4AI score0.0275EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.8 views

Vulnerability of Veeam Backup & Replication virtual and physical systems, related to incorrect restrictions on path names to the restricted access catalog, allows attackers to increase their privileges (LPE).

The vulnerability in Veeam Backup & Replication and physical systems is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to increase their privileges LPE...

7.8CVSS7.2AI score0.0029EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.7 views

The vulnerability of the File Explorer application (formerly Windows Explorer) of Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the File Explorer application formerly Windows Explorer in Microsoft Windows operating systems is related to incorrect path name restrictions for restricted access directories. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

7.1CVSS6.6AI score0.01569EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.7 views

The vulnerability of the IP Routing Management Snapin, a service for managing IP routing on Microsoft Windows operating systems, allows a hacker to execute arbitrary code.

The vulnerability of the IP Routing Management Snapin service for Microsoft Windows operating systems is related to incorrect path name restrictions in the restricted access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS5.9AI score0.01703EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/10 12:0 a.m.7 views

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series lies in improper name restrictions for path entries to the catalog. This allows unauthorized access by attackers to resources and enables them to modify them.

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to incorrect restrictions on path names to the catalog. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

10CVSS5.5AI score0.00543EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.10 views

The vulnerability of microprogrammed software in industrial routers of the SCALANCE M-800 family (including S615, MUM-800, and RM1224) arises from incorrect restrictions on path names in the limited-access catalog, allowing attackers to influence the integrity of the system.

The vulnerability of microprogrammed software in industrial routers of the SCALANCE M-800 family including S615, MUM-800, and RM1224 is related to incorrect restrictions on path names in the limited-access catalog. Exploiting this vulnerability can allow a malicious actor to influence the integri...

5CVSS7.4AI score0.00265EPSS
Exploits0References3Affected Software18
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.8 views

The vulnerability of Palo Alto Networks’ operating system PAN-OS relates to incorrect path name restrictions for restricted access directories, allowing attackers to escalate their privileges.

The vulnerability of Palo Alto Networks’ operating system PAN-OS relates to incorrect restrictions on path names in restricted access directories. Exploiting this vulnerability can allow attackers to increase their privileges...

6.2CVSS6.8AI score0.00474EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.9 views

WordPress plugin Global Gateway e4 | Payeezy Gateway 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A path traversal vulnerability exists in the WordPress plug...

8.6CVSS8.2AI score0.00565EPSS
Exploits0References2
Rows per page
Query Builder