Lucene search
K

117 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-52714

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00556EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-9291

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0127EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-27392

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00696EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-1112

Malicious code in bioql PyPI...

6.6CVSS5.5AI score0.00851EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-47256

Malicious code in bioql PyPI...

8.1CVSS8AI score0.01061EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-34502

Malicious code in bioql PyPI...

4.9CVSS5.1AI score0.01062EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/08/07 8:31 p.m.5 views

CVE-2012-10024

XBMC version 11.0 contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw ...

7.1CVSS5.9AI score0.00851EPSS
Exploits0References1
NVD
NVD
added 2025/08/01 9:15 p.m.18 views

CVE-2013-10062

A directory traversal vulnerability exists in Linksys router's web interface tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05, specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the nextpage POST parameter to access arbitrary files outside the...

6.9CVSS0.01402EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/25 2:29 p.m.7 views

CVE-2010-10012

A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server, that allows unauthenticated attackers to read arbitrary files on the host system. By sending a specially crafted GET request containing a sequence of URL-encoded backslashes and directory traversal...

8.7CVSS7.3AI score0.01404EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/16 9:5 p.m.6 views

CVE-2025-34120 LimeSurvey 2.0+ - 2.06+ Unauthenticated Arbitrary File Download via Serialized Backup Payload

An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup endpoint index.php/admin/update/sa/backup, allowing attackers to specify arbitrary file paths using...

8.7CVSS7.1AI score0.01213EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29892 · Lilin · Lilin Digital Video Recorder

Name of the Vulnerable Software and Affected Versions: LILIN Digital Video Recorder DVR versions prior to 2.0b60 20200207 Description: An unauthenticated arbitrary file read issue exists in LILIN Digital Video Recorder DVR devices. This allows attackers to read sensitive configuration files, such...

8.7CVSS7AI score0.01149EPSS
Exploits0References7
Veracode
Veracode
added 2025/07/10 6:28 a.m.7 views

Path Traversal

llamaindexreadersobsidian is vulnerable to path traversal. The vulnerability is due to improper handling of hardlinks in the loaddata method of the ObsidianReader class, which allows an attacker to bypass path restrictions and access sensitive files such as /etc/passwd...

6.2CVSS6.2AI score0.0029EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2025/07/09 5:56 a.m.8 views

Directory Traversal

Dagster is vulnerable to Directory Traversal. The vulnerability is due to improper input sanitization due to the /logs endpoint allowing crafted requests that can access sensitive files, particularly those with names starting with a dot...

7.5CVSS6AI score0.00918EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/07/07 12:30 p.m.5 views

GHSA-3J8R-JF9W-5CMH LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit

A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, before version 0.5.2 specifically in version 0.12.27 of llama-index, allows for hardlink-based path traversal. This flaw permits attackers to bypass path restrictions and access sensitive system files, such as...

6.2CVSS6.1AI score0.0029EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.9 views

PT-2025-26687 · Unknown · Sysmonelixir

Name of the Vulnerable Software and Affected Versions: SysmonElixir versions prior to 1.0.1 Description: The issue concerns SysmonElixir, a system monitor HTTP service in Elixir. Prior to version 1.0.1, the "/read" endpoint reads any file from the server's file system, including sensitive files...

7.5CVSS6.2AI score0.00419EPSS
Exploits0References6
NVD
NVD
added 2025/06/20 7:15 p.m.13 views

CVE-2025-34023

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

8.5CVSS0.01441EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.8 views

PT-2025-25675 · Unknown · Mojoomla Wpgym

Name of the Vulnerable Software and Affected Versions: mojoomla WPGYM versions n/a through 65.0 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...

7.5CVSS7.5AI score0.0046EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 3:23 p.m.8 views

CVE-2020-26065

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTP...

6.5CVSS6.7AI score0.01705EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/05/07 7:45 a.m.354 views

Exploit for CVE-2025-31125

CVE-2025-31125 Exploit - Vite WASM Import Path Traversal 🛡️ T...

5.3CVSS6AI score0.58765EPSS
Exploits9
RedhatCVE
RedhatCVE
added 2025/05/07 12:24 a.m.15 views

CVE-2025-27920

Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access...

8.8CVSS6.9AI score0.01782EPSS
Exploits0References1
Rows per page
Query Builder