
1091 matches found

CNNVD
added 2026/02/03 12:0 a.m. | 9 views

Lexmark security vulnerability

Lexmark is a series of printers produced by the American company Lexmark. Several Lexmark products have security vulnerabilities, which stem from relative path traversal in the embedded solution framework, potentially allowing for the execution of arbitrary code. The following products are...

CVSS 8.8 | AI score 6.1 | EPSS 0.00614
Exploits: 0 | References: 1

Snyk
added 2026/02/01 6:40 a.m. | 3 views

Relative Path Traversal

Overview: safecmd is a package to call commands safely by checking them rigorously against an allow-list. Affected versions of this package are vulnerable to Relative Path Traversal via the extractcommands function that lacks proper validation of relative paths. An unauthenticated attacker could gain access t...

CVSS 8.7 | AI score 5.6
Exploits: 0 | References: 3

Snyk
added 2026/01/27 10:47 p.m. | 3 views

Relative Path Traversal

Overview: @vltpkg/tar is an extremely limited and very fast tar extractor. Affected versions of this package are vulnerable to Relative Path Traversal via improper sanitization of file paths during the extraction process. An attacker can overwrite arbitrary files on the filesystem by crafting ta...

CVSS 5.9 | AI score 6 | EPSS 0.0018
Exploits: 0 | References: 2

Snyk
added 2026/01/26 9:2 p.m. | 3 views

Relative Path Traversal

Overview @pnpm/package-bins is a that returns bins of a package. Affected versions of this package are vulnerable to Relative Path Traversal via the commandsFromBin function when performing bin name validation and normalization. An attacker can create or overwrite arbitrary files outside the...

CVSS 7.4 | AI score 6 | EPSS 0.00438
Exploits: 1 | References: 2

Cvelist
added 2026/01/20 8:41 p.m. | 29 views

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

CVSS 7.1 | EPSS 0.01633
Exploits: 2 | References: 1

NVD
added 2026/01/16 4:15 a.m. | 6 views

CVE-2026-1022

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | EPSS 0.00589
Exploits: 0 | References: 2

OSV
added 2026/01/16 4:15 a.m. | 6 views

CVE-2026-1022

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 7.5 | AI score 5.9 | EPSS 0.00589
Exploits: 0 | References: 2

Cvelist
added 2026/01/16 3:33 a.m. | 23 views

CVE-2026-1022 Gotac|Statistics Database System - Arbitrary File Read

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | EPSS 0.00589
Exploits: 0 | References: 2

Vulnrichment
added 2026/01/16 3:33 a.m. | 2 views

CVE-2026-1022 Gotac|Statistics Database System - Arbitrary File Read

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | AI score 6.9 | EPSS 0.00589
Exploits: 0 | References: 2

ATTACKERKB
added 2026/01/16 3:33 a.m. | 3 views

CVE-2026-1022

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | AI score 5.7 | EPSS 0.00589
Exploits: 0 | References: 3

CVE
added 2026/01/16 3:33 a.m. | 15 views

CVE-2026-1022

The CVE-2026-1022 entry concerns Gotac’s Statistics Database System and an Arbitrary File Read vulnerability. Unauthenticated remote attackers can use Relative Path Traversal to download arbitrary system files. Multiple connected sources (NVD, Red Hat, CVE List, EUVD, CIRCL, etc.) corroborate the...

CVSS 8.7 | AI score 6.9 | EPSS 0.00589
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003754 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...

CVSS 9.3 | AI score 7.6 | EPSS 0.05123
Exploits: 0 | References: 8

CNNVD
added 2026/01/16 12:0 a.m. | 4 views

Gotac Statistics Database System security vulnerabilities

The Gotac Statistics Database System is a statistical database system developed by Gotac in Taiwan, China. The Gotac Statistics Database System has a security vulnerability, which stems from an arbitrary file reading vulnerability. This vulnerability could allow unverified remote attackers to...

CVSS 8.7 | AI score 5.9 | EPSS 0.00589
Exploits: 0 | References: 2

Positive Technologies
added 2026/01/16 12:0 a.m. | 6 views

PT-2026-3209

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | AI score 7.2 | EPSS 0.00589
Exploits: 0 | References: 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001334)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001334 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...

CVSS 9.3 | AI score 7.6 | EPSS 0.05123
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003746 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...

CVSS 9.3 | AI score 7.6 | EPSS 0.05123
Exploits: 0 | References: 8

RedhatCVE
added 2026/01/09 12:40 p.m. | 14 views

CVE-2023-43825

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute arbitrary code by having a legitimate user import a specially crafted backup file of the product...

CVSS 7.8 | AI score 7.3 | EPSS 0.00318
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:24 a.m. | 9 views

CVE-2021-31538

LANCOM R Unified Firewall UF devices running LCOS FX 10.5 allow Relative Path Traversal...

CVSS 7.5 | AI score 7.1 | EPSS 0.01486
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:30 a.m. | 10 views

CVE-2023-29004

hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A Path Traversal vulnerability was found in the current version of Roxy-WI 6.3.9.0 at the moment of writing this report. The vulnerability can be exploited via an HTTP request to /app/options.py and the...

CVSS 6.5 | AI score 6.8 | EPSS 0.00902
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:26 a.m. | 10 views

CVE-2023-4914

Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1...

CVSS 7.5 | AI score 6.8 | EPSS 0.00731
Exploits: 1 | References: 1