
1092 matches found

Cvelist
added 2025/11/14 3:5 a.m. | 8 views

CVE-2025-13161 IQ Service International|IQ-Support - Arbitrary File Read

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS: 8.7 | EPSS: 0.00469
Exploits: 0 | References: 2
CNNVD
added 2025/11/14 12:0 a.m. | 3 views

IQ Service IQ-Support Security Vulnerability

IQ Service IQ-Support is an intelligent customer service system from IQ Service, Inc. of Taiwan, China. A security vulnerability exists in IQ Service IQ-Support that originates from relative path traversal and could allow an unauthenticated, remote attacker to download arbitrary system files...

CVSS: 8.7 | AI score: 6.8 | EPSS: 0.00469
Exploits: 0 | References: 2
Snyk
added 2025/11/13 3:45 p.m. | 13 views

Relative Path Traversal

Overview: privatebin/privatebin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Affected versions of this package are vulnerable to Relative Path Traversal via the template-switching feature when templateselection is enabled in the configuration. An...

CVSS: 6.9 | AI score: 7.3 | EPSS: 0.00427
Exploits: 0 | References: 2
Amazon
added 2025/11/10 12:0 a.m. | 11 views

Important: tomcat9

Issue Overview: Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.66535
Exploits: 4
RedhatCVE
added 2025/11/08 3:57 p.m. | 8 views

CVE-2025-58463

A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following...

CVSS: 6.3 | AI score: 6.8 | EPSS: 0.00416
Exploits: 0 | References: 1
RedhatCVE
added 2025/11/08 3:57 p.m. | 7 views

CVE-2025-58464

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.00441
Exploits: 0 | References: 1
EUVD
added 2025/11/07 6:30 p.m. | 4 views

EUVD-2025-38269

A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following...

CVSS: 6.3 | AI score: 6.3 | EPSS: 0.00416
Exploits: 0 | References: 2
OSV
added 2025/11/07 4:15 p.m. | 7 views

CVE-2025-58464

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.00441
Exploits: 0 | References: 1
NVD
added 2025/11/07 4:15 p.m. | 4 views

CVE-2025-58464

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...

CVSS: 7.8 | EPSS: 0.00441
Exploits: 0 | References: 1
Cvelist
added 2025/11/07 3:10 p.m. | 6 views

CVE-2025-58464 QuMagie

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later...

CVSS: 7.8 | EPSS: 0.00441
Exploits: 0 | References: 1
CVE
added 2025/11/07 3:10 p.m. | 14 views

CVE-2025-58464

Summary: CVE-2025-58464 affects QuMagie with a relative path traversal vulnerability. Multiple sources (NVD, Red Hat, ENISA EUVD) describe a flaw that could allow a remote attacker to read contents of unexpected files or system data. Affected software: QuMagie (prior to version 2.7.3). Vulnerabil...

CVSS: 7.8 | AI score: 6.5 | EPSS: 0.00441
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2025/11/07 12:30 p.m. | 9 views

OESA-2025-2630 tomcat security update

The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open developmen...

CVSS: 9.6 | AI score: 7.8 | EPSS: 0.66535
Exploits: 4 | References: 4
Positive Technologies
added 2025/11/07 12:0 a.m. | 4 views

PT-2025-45436

Name of the Vulnerable Software and Affected Versions: QuMagie versions prior to 2.7.3. Description: A relative path traversal issue exists in QuMagie. A remote attacker may be able to read the contents of unexpected files or system data by exploiting this issue. Recommendations: Update to QuMagie...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00441
Exploits: 0 | References: 3
CNNVD
added 2025/11/07 12:0 a.m. | 5 views

QNAP Download Station Security Vulnerability

QNAP Download Station is a web-based download tool from Taiwan, China-based QNAP Technology QNAP. A security vulnerability exists in QNAP Download Station, which originates from relative path traversal and could result in reading unexpected files or system data...

CVSS: 6.3 | AI score: 6.8 | EPSS: 0.00416
Exploits: 0 | References: 2
CNNVD
added 2025/11/07 12:0 a.m. | 4 views

QNAP Systems QuMagie Security Vulnerability

QNAP Systems QuMagie is a QTS photo management application from China Weilian Technology QNAP Systems. A security vulnerability exists in QNAP Systems QuMagie versions prior to 2.7.3 that stems from a relative path traversal issue that could result in reading unexpected files or system data...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00441
Exploits: 0 | References: 2
CNNVD
added 2025/10/30 12:0 a.m. | 6 views

Dell Secure Connect Gateway Security Vulnerability

Dell Secure Connect Gateway is an enterprise-grade secure connectivity gateway appliance from Dell that is used to monitor hardware status, automate the creation of support requests, and securely communicate to safeguard device connectivity to Dell backend services. A relative path traversal...

CVSS: 4.3 | AI score: 6.7 | EPSS: 0.00275
Exploits: 0 | References: 1
Snyk
added 2025/10/27 6:31 p.m. | 20 views

Relative Path Traversal

Overview: org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Relative Path Traversal via the URL normalization. An attacker can bypass security constraints and access restricted directories such as /WEB-INF/ and /META-INF/...

CVSS: 7.7 | AI score: 9.1 | EPSS: 0.66535
Exploits: 4 | References: 2
Github Security Blog
added 2025/10/27 6:31 p.m. | 15 views

Apache Tomcat Vulnerable to Relative Path Traversal

The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the...

CVSS: 7.5 | AI score: 9.3 | EPSS: 0.66535
Exploits: 4 | References: 13 | Affected Software: 3
OSV
added 2025/10/27 6:31 p.m. | 4 views

GHSA-WMWF-9CCG-FFF5 Apache Tomcat Vulnerable to Relative Path Traversal

The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the...

CVSS: 7.7 | AI score: 7.1 | EPSS: 0.66535
Exploits: 4 | References: 13
OSV
added 2025/10/27 6:15 p.m. | 2 views

UBUNTU-CVE-2025-55752

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.66535
Exploits: 4 | References: 6