Lucene search
K

47 matches found

CVE
CVE
added 2026/06/19 7:13 p.m.23 views

CVE-2026-49342

YARD (Ruby) prior to 0.9.44 is affected: its static cache lookup reads the request path before router path cleanup, allowing a traversal like /../yard-cache-secret.html to be joined with a document root and retrieve a sibling .html outside the intended static tree. The issue is addressed in versi...

5.3CVSS5.8AI score0.00273EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 2:35 p.m.8 views

CVE-2026-48855 SFTP READLINK Leaks Absolute Backend Filesystem Path When Root Is Configured

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...

2.3CVSS5.5AI score0.00277EPSS
Exploits0References5
OSV
OSV
added 2026/05/18 8:10 a.m.8 views

SUSE-SU-2026:1964-1 Security update for rmt-server

This update for rmt-server fixes the following issues - CVE-2026-26961: rack: mismatch in header handling can allow to smuggle multipart content bsc1261398. - CVE-2026-26962: rack: improper unfolding of folded multipart headers can lead to header injection or response splitting bsc1261471. -...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29915

Summary Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with that string, including unrelated paths such as "/css-config.env" or...

7.5CVSS5.9AI score0.00387EPSS
Exploits0References4
RubySec
RubySec
added 2026/04/02 12:0 a.m.7 views

Rack::Static prefix matching can expose unintended files under the static root

Summary Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with that string, including unrelated paths such as "/css-config.env" or...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.11 views

BuildKit 后置链接漏洞

BuildKit is a concurrent, cache-efficient build tool package developed by Moby. Versions of BuildKit prior to 0.28.1 contained a post-link vulnerability. This vulnerability stemmed from insufficient validation of Git URL fragment sub-directory components, which could allow access to files outside...

8.2CVSS7.1AI score0.00463EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/25 9:28 p.m.8 views

AVideo: Remote Code Execution via PHP Temp File in Encoder downloadURL

Summary The downloadVideoFromDownloadURL function in objects/aVideoEncoder.json.php saves remote content to a web-accessible temporary directory using the original URL's filename and extension including .php. By providing an invalid resolution parameter, an attacker triggers an early die via...

8.8CVSS6.7AI score0.00395EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/19 10:43 p.m.4 views

CVE-2026-29098 SuiteCRM has Relative Path Traversal via ModuleBuilder Modules ExportCustom Action

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, the actionexportCustom function in modules/ModuleBuilder/controller.php fails to properly neutralize path traversal sequences in the $modules and $name...

4.9CVSS5.9AI score0.00329EPSS
Exploits0References4
OSV
OSV
added 2026/03/04 7:48 p.m.3 views

GHSA-Q5QW-H33P-QVWR Hono vulnerable to arbitrary file access via serveStatic vulnerability

Summary When using serveStatic together with route-based middleware protections e.g. app.use'/admin/', ..., inconsistent URL decoding allowed protected static resources to be accessed without authorization. The router used decodeURI, while serveStatic used decodeURIComponent. This mismatch allowe...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References4
RubySec
RubySec
added 2026/02/17 12:0 a.m.9 views

Rack has a Directory Traversal via Rack:Directory

Summary Rack::Directory’s path check used a string prefix match on the expanded path. A request like /../rootexample/ can escape the configured root if the target path starts with the root string, allowing directory listing outside the intended root. Details In directory.rb,...

7.5CVSS5.5AI score0.00665EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/17 6:4 a.m.12 views

CVE-2016-15056

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

8.7CVSS6.5AI score0.00579EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/14 10:49 p.m.4 views

EUVD-2016-10800

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

8.7CVSS6.1AI score0.00579EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/11/14 10:49 p.m.14 views

CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

8.7CVSS0.00579EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/14 10:49 p.m.5 views

CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration backup files in the web root after they are generated for download. These backup files remain accessible without authentication until the next reboot. A remote attacker on the local network can reque...

8.7CVSS6.2AI score0.00579EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/11/14 12:0 a.m.5 views

Ubee EVW3226 安全漏洞

The Ubee EVW3226 is a WiFi router from Ubee Corporation of Taiwan, China. A security vulnerability exists in the Ubee EVW3226 version 1.0.20 and earlier, which stems from a configuration backup file being stored in the web root directory and unencrypted, which could lead to the disclosure of...

8.7CVSS6.2AI score0.00579EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/11/08 12:0 a.m.5 views

CVAT.ai CVAT 路径遍历漏洞

CVAT.ai CVAT is an open source data processing tool from CVAT.ai. A path traversal vulnerability exists in CVAT.ai CVAT versions 2.4.0 through 2.48.1, which originates from a malicious user being able to create or overwrite files in the root directory of a mounted file share, potentially leading ...

5.3CVSS6.6AI score0.00352EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-0230

Malware in sbrugna...

5CVSS6.4AI score0.07652EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-0036

Malware in sbrugna...

5CVSS6.1AI score0.02602EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2004-0050

Malware in sbrugna...

5CVSS6.4AI score0.01388EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/27 8:0 a.m.5 views

CVE-2021-4459 SMA: Directory Traversal in Sunny Boy <3.10.27.R

An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices...

6.5CVSS7AI score0.00617EPSS
Exploits0References1
Rows per page
Query Builder