Linux Distros Unpatched Vulnerability : CVE-2025-68920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve...

EUVD-2002-1836

Malware in sbrugna...

EUVD-2002-1838

Malware in sbrugna...

EUVD-2004-0327

Malware in sbrugna...

EUVD-2002-1834

Malware in sbrugna...

EUVD-2017-8092

Malware in sbrugna...

EUVD-2000-1191

Malware in sbrugna...

EUVD-2002-1839

Malware in sbrugna...

EUVD-2024-52567

Malicious code in bioql PyPI...

EUVD-2021-29729

Malicious code in bioql PyPI...

CVE-2024-41511

A Path Traversal Local File Inclusion vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter...

CVE-2024-54453

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder, e.g., files such a...

CVE-2002-1859

Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

CVE-2002-1860

Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

CVE-2002-1858

Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot "WEB-INF."...

CVE-2024-54453

CVE-2024-54453 affects Kurmi Provisioning Suite prior to 7.9.0.35, 7.10.x before 7.10.0.18, and 7.11.x before 7.11.0.15. A path traversal flaw in the DocServlet servlet enables remote attackers to retrieve arbitrary files from the Kurmi web application installation folder (e.g., obfuscated/compil...

CVE-2024-54453

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder, e.g., files such a...

ManageEngine AssetExplorer 6.9 Build 6980 XXE

An XML external entity XXE vulnerability exists in ManageEngine AssetExplorer 6.9 Build 6980 due to a flaw in the Analytics Plus integration. Threat actors with admin role access can retrieve local files from the server running the affected products. Note that Nessus has not tested for this issue...

CVE-2021-42773

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, could allow a user to retrieve an arbitrary file from a remote host with the GetDumpFile command. In non-secure mode, the user is unauthenticated...

VulnCheck KEV: CVE-2019-14205

A Local File Inclusion vulnerability in the Nevma Adaptive Images plugin before 0.6.67 for WordPress allows remote attackers to retrieve arbitrary files via the $REQUEST'adaptive-images-settings''sourcefile' parameter in adaptive-images-script.php...