Lucene search
+L

194 matches found

CVE
CVE
added 2026/02/02 10:36 a.m.29 views

CVE-2024-5986

CVE-2024-5986 affects h2oai/h2o-3 in version 3.46.0.1, where remote attackers can write arbitrary data to any file on the server by abusing the /3/Parse endpoint to inject data as the header of an empty file, then exporting it via /3/Frames/framename/export. This can lead to remote code execution...

9.1CVSS6.6AI score0.00629EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.9 views

PT-2026-5651

Name of the Vulnerable Software and Affected Versions h2o-3 version 3.46.0.1 Description A flaw exists in h2o-3 that permits remote attackers to write arbitrary data to any file on the server. The issue is due to exploiting the /3/Parse API endpoint to inject attacker-controlled data as the heade...

9.1CVSS9.1AI score0.00629EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : rsync-3.2.3-9.el9.2 (AXSA:2022-4046:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4046:07 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...

7.4CVSS8.5AI score0.01672EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : rsync-3.1.2-11.el7 (AXSA:2022-3735:05)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3735:05 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...

7.4CVSS8.6AI score0.01672EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 7 : wget-1.14-13.el7 (AXSA:2016-1111:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1111:01 advisory. GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you ar...

8.8CVSS7AI score0.45935EPSS
Exploits8References2
NVD
NVD
added 2026/01/02 7:15 p.m.7 views

CVE-2026-21440

AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease...

9.2CVSS0.01063EPSS
Exploits3References5
OSV
OSV
added 2026/01/02 7:2 p.m.6 views

CVE-2026-21440 AdonisJS Path Traversal in Multipart File Handling

AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease...

9.2CVSS7AI score0.01063EPSS
Exploits3References7
CVE
CVE
added 2025/12/22 9:37 p.m.17 views

CVE-2023-53962

The CVE-2023-53962 entry concerns SOUND4 IMPACT/FIRST/PULSE/Eco v2.x with an unauthenticated directory traversal in upload.cgi through the upgfile parameter, enabling remote attackers to write arbitrary files. Exploitation involves crafting multipart form-data POST requests that include directory...

8.8CVSS6.9AI score0.01042EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2025/12/09 4:17 p.m.3 views

CVE-2025-13659

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...

8.8CVSS6.2AI score0.01681EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 3:59 p.m.40 views

CVE-2025-13659

Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...

8.8CVSS0.01681EPSS
Exploits0References1
OSV
OSV
added 2025/11/14 4:11 p.m.6 views

CLSA-2025-1763136711 Fix CVE(s): CVE-2022-29154, CVE-2024-12087, CVE-2024-12088

SECURITY UPDATE: malicious remote servers to write arbitrary files inside the directories of connecting peers: - debian/patches/els/0001-CVE-2022-29154.patch: fix insufficient validation of file names. - CVE-2022-29154. SECURITY UPDATE: path traversal vulnerability. -...

7.5CVSS7.3AI score0.04653EPSS
Exploits2References1
NVD
NVD
added 2025/11/13 10:15 p.m.15 views

CVE-2025-36236

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

9.1CVSS0.00479EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/10/07 8:41 p.m.173 views

Exploit for CVE-2025-7401

CVE-2025-7401 Premium Age Verification / Restriction for WordP...

9.8CVSS7.2AI score0.0055EPSS
Exploits2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-2100

Malware in sbrugna...

5CVSS6.4AI score0.03135EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-0279

Malware in sbrugna...

7.5CVSS6.4AI score0.02106EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-12639

Malware in sbrugna...

7.5CVSS7.6AI score0.02655EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-1532

Malware in sbrugna...

7.8CVSS7.4AI score0.11199EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-5192

Malware in sbrugna...

9.3CVSS6.4AI score0.02081EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-2812

Malware in sbrugna...

7.5CVSS7.6AI score0.00529EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-6769

Malware in sbrugna...

7.5CVSS7.6AI score0.04837EPSS
Exploits0References11
Rows per page
Query Builder