Lucene search
K

158 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.5 views

EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-2521)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...

9.1CVSS7AI score0.00724EPSS
Exploits1References5
NVD
NVD
added 2025/11/24 10:15 p.m.3 views

CVE-2024-47856

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

9.8CVSS0.00486EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/24 12:0 a.m.2 views

CVE-2024-47856

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

6.5AI score0.00486EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.9 views

TencentOS Server 3: php:8.0 (TSSA-2023:0257)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0257 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS7.8AI score0.08003EPSS
Exploits6References7
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.3 views

Nero BackItUp 安全漏洞

Nero BackItUp is a backup program from Nero. A security vulnerability exists in Nero BackItUp that stems from path resolution and UI rendering flaws that could lead to the execution of arbitrary code when a user clicks on a specially crafted entry...

8.6CVSS7.2AI score0.00267EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/05 6:40 p.m.3 views

Race Condition Enabling Link Following

Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following in the handling of procfs file writes. An attacker can cause arbitrary writes to sensitive files or trigger a denial of service by redirecting write operations through race conditions and...

8.2CVSS6.4AI score0.00523EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.8 views

PT-2025-45167

Name of the Vulnerable Software and Affected Versions Youki versions 0.5.6 and below Description Youki, a container runtime written in Rust, has an issue with its apparmor handling. Insufficiently strict write-target validation, combined with path substitution during pathname resolution, can allo...

10CVSS6.6AI score0.00243EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2833

Malicious code in bioql PyPI...

6CVSS6.2AI score0.00257EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-51784

Malicious code in bioql PyPI...

5.5CVSS7.3AI score0.00254EPSS
Exploits0References8
OSV
OSV
added 2025/09/15 2:46 p.m.5 views

CVE-2023-53260 ovl: fix null pointer dereference in ovl_permission()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...

5.5CVSS7.2AI score0.00133EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.8 views

CVE-2025-54107

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network...

4.3CVSS6.8AI score0.00855EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.4 views

PT-2025-36849

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An improper resolution of path equivalence in Windows MapUrlToZone can allow an unauthorized attacker to bypass a security feature over a network. This security-feature bypass can affect th...

4.3CVSS6.1AI score0.00855EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.7 views

Hono 安全漏洞

Hono is a web framework written in TypeScript from the Hono community. A security vulnerability exists in Hono 4.9.5 and earlier versions, which stems from an error in the path resolution of the getPath function and could lead to bypassing proxy ACLs...

7.5CVSS6.3AI score0.00498EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-21896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The permission model protects itself against path traversal attacks by calling path.resolve on any paths given by the user. If the path is to be treated as a...

9.8CVSS6.9AI score0.01262EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/08/16 11:18 a.m.650 views

Exploit for CVE-2024-32019

CVE-2024-32019 — Netdata ndsudo Local Privilege Escalation...

8.8CVSS9.1AI score0.01165EPSS
Exploits15
OSV
OSV
added 2025/08/11 1:53 p.m.4 views

BIT-LIBPHP-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

8.1CVSS7AI score0.01242EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/08/06 12:0 a.m.3 views

PT-2025-32238

Name of the Vulnerable Software and Affected Versions tmp versions 0.2.3 and below Description The tmp node.js module versions 0.2.3 and below is susceptible to an arbitrary temporary file/directory write vulnerability due to improper handling of symbolic links when resolving paths. Specifically,...

5.3CVSS5AI score0.00309EPSS
Exploits1References21
Debian CVE
Debian CVE
added 2025/07/25 2:0 p.m.4 views

CVE-2025-38416

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in success path Setting tty-discdata before opening the NCI device means we need to clean it up on error paths. This also opens some short window if device starts sending data, even before...

7.8CVSS5.8AI score0.00183EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: php:7.4 (TSSA-2024:1123)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1123 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS8.3AI score0.3786EPSS
Exploits11References12
RedhatCVE
RedhatCVE
added 2025/05/22 8:36 p.m.6 views

CVE-2021-36376

dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory...

7.8CVSS7.1AI score0.00422EPSS
Exploits0References1
Rows per page
Query Builder