Lucene search
K

851 matches found

Patchstack
Patchstack
added 2026/03/31 7:50 a.m.7 views

WordPress Oxygen theme <= 6.0.8 - Unauthenticated Server-Side Request Forgery via route_path vulnerability

Unauthenticated Server-Side Request Forgery via routepath vulnerability discovered by Ahmed Rayen Ayari in WordPress Theme Oxygen versions = 6.0.8...

7.2CVSS5.9AI score0.0019EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/25 6:31 p.m.2 views

EUVD-2026-15459

textract through 2.5.0 is vulnerable to OS Command Injection via the file path parameter in multiple extractors. When processing files with malicious filenames, the filePath is passed directly to childprocess.exec in lib/extractors/doc.js, rtf.js, dxf.js, images.js, and lib/util.js with inadequat...

5.8AI score0.02421EPSS
Exploits4References7
ATTACKERKB
ATTACKERKB
added 2026/03/24 4:9 a.m.2 views

CVE-2026-4632

A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/user/index.php?view=add of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack may be performed fr...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/03/19 5:46 p.m.4 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path in the POST /api/v2/files/ endpoint. An attacker can execute arbitrary code, overwrite critical files, or gain unauthorized access by uploading files with crafted filenames that bypass containment...

9.9CVSS6.1AI score0.01417EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.7 views

Mura 安全漏洞

Mura is a content management system developed by Mura Corporation. Versions of Mura 10.1.10 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of CSRF token verification in the update URL, which could lead to manipulation of user information...

7.1CVSS5.8AI score0.00109EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/17 12:30 p.m.7 views

EUVD-2026-12558

Apache Airflow versions 3.1.0 through 3.1.7 session token token in cookies is set to path=/ regardless of the configured webserver baseurl or api baseurl. This allows any application co-hosted under the same domain to capture valid Airflow session tokens from HTTP request headers, allowing full...

7.5CVSS5.8AI score0.00677EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

ZKTeco ZKBioSecurity 安全漏洞

ZKTeco ZKBioSecurity is a web-based integrated platform developed by ZKTeco in China. Version 3.0 of ZKTeco ZKBioSecurity contains a security vulnerability. This vulnerability stems from improper handling of file paths, which may allow attackers to access arbitrary files by modifying file paths...

6.9CVSS5.9AI score0.00206EPSS
Exploits1References6
Patchstack
Patchstack
added 2026/03/11 7:28 a.m.5 views

WordPress Ally - Web Accessibility & Usability plugin <= 4.0.3 - Unauthenticated SQL Injection via URL Path vulnerability

WordPress Ally - Web Accessibility & Usability plugin = 4.0.3 - Unauthenticated SQL Injection via URL Path vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Ally versions = 4.0.3...

7.5CVSS5.8AI score0.02289EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/03/10 9:32 p.m.6 views

EUVD-2026-10808

IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...

7.4CVSS6.1AI score0.00147EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/09 5:57 a.m.8 views

Installer for Qsee Client may insecurely load Dynamic Link Libraries

Overview The installer for Qsee Client provided by Qsee contains the following vulnerability with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-30896 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. report...

8.4CVSS7AI score0.0016EPSS
Exploits0References5
CISA KEV Catalog
CISA KEV Catalog
added 2026/03/09 12:0 a.m.7 views

Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

Ivanti Endpoint Manager EPM contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data...

8.6CVSS5.8AI score0.81089EPSS
In wildExploits0
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.7 views

timescaledb 代码问题漏洞

Timescaledb is an extension to the temporal database developed by Tiger Data. In versions of TimescaleDB 2.23.0 to 2.25.1, there is a code vulnerability caused by improper setting of the searchpath, which may lead to arbitrary code execution...

8.8CVSS6.1AI score0.00136EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/04 3:30 p.m.6 views

EUVD-2026-9391

Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1, contains an uncontrolled search path element vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, elevation of privileges, a...

6.7CVSS5.9AI score0.00136EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 9:15 p.m.5 views

CVE-2026-24502

Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.8CVSS5.8AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/03 3:45 p.m.7 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to arbitrary code execution (CVE-2025-13465, CVE-2025-61140) and denial of service (CVE-2025-15284)

Summary Node.js modules lodash, qs and jsonpath are used by IBM App Connect Enterprise Certified Container. All IBM App Connect Enterprise Certified Container operands are vulnerable to arbitrary code execution CVE-2025-13465, CVE-2025-61140 and denial of service CVE-2025-15284. This bulletin...

9.8CVSS6.5AI score0.01535EPSS
Exploits2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/27 9:20 p.m.5 views

CVE-2026-28406

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using filepath.Joindest, cleanedName without enforcing that the final path stays within dest. A ta...

8.2CVSS6.3AI score0.00613EPSS
Exploits0References4Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/02/20 3:31 a.m.6 views

Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries

Overview The installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool contains the following vulnerability related to the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-26050 Kazuma...

8.4CVSS5.7AI score0.0016EPSS
Exploits0References5
NVD
NVD
added 2026/02/19 9:16 a.m.4 views

CVE-2026-26359

Dell Unisphere for PowerMax, versions 10.2, contains an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files...

8.8CVSS0.00375EPSS
Exploits0References1
CVE
CVE
added 2026/02/13 6:10 p.m.11 views

CVE-2026-21878

The vulnerability CVE-2026-21878 affects BACnet Stack (open source C library) prior to version 1.5.0.rc3, due to lack of validation of user-provided file paths in the file-writing functionality. Affected code paths include apps/readfile/main.c and ports/posix/bacfile-posix.c. The issue allows wri...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.8 views

Symfony Process Component < 5.4.51 / 6.4.x < 6.4.33 / 7.3.x < 7.3.11 / 7.4.x < 7.4.5 / 8.0.x < 8.0.5 Argument Injection (GHSA-r39x-jcww-82v6)

The version of Symfony Process Component installed on the remote host is prior to 5.4.51, or 6.4.x prior to 6.4.33, or 7.3.x prior to 7.3.11, or 7.4.x prior to 7.4.5, or 8.0.x prior to 8.0.5. It is, therefore, affected by an argument injection vulnerability. The Symfony Process component did not...

6.3CVSS5.9AI score0.00201EPSS
Exploits1References3
Rows per page
Query Builder