Lucene search
K

8 matches found

OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2633 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/09 7:40 a.m.2 views

CVE-2026-22905 Authentication Bypass via URI Traversal

An unauthenticated remote attacker can bypass authentication by exploiting insufficient URI validation and using path traversal sequences e.g., /js/../cgi-bin/post.cgi, gaining unauthorized access to protected CGI endpoints and configuration downloads...

7.5CVSS5.6AI score0.00619EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/04/01 12:0 a.m.7 views

PT-2021-7303 · Eclipse +1 · Eclipse Jetty +1

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty versions 9.4.37.v20210219 through 9.4.38.v20210224 Description: The default compliance mode in Eclipse Jetty allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF director...

7.8CVSS5.9AI score0.82371EPSS
Exploits11References98
OSV
OSV
added 2018/09/14 9:29 p.m.4 views

CVE-2018-16288

LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs...

8.6CVSS5.9AI score0.35258EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2012/08/10 12:0 a.m.64 views

IBM WebSphere Portal Dojo Module URI Traversal Arbitrary File Access

The version of WebSphere Portal on the remote host is using a vulnerable version of the Dojo toolkit. Input to the 'path' parameter of layerLoader.jsp is not properly validated. A remote, unauthenticated attacker could exploit this to download arbitrary files. %NASLMINLEVEL 70300 C Tenable Networ...

5CVSS5.6AI score0.02802EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2008/08/13 12:41 a.m.3 views

CVE-2008-2938

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...

4.3CVSS6AI score0.99708EPSS
Exploits22References50
Tenable Nessus
Tenable Nessus
added 2004/11/04 12:0 a.m.25 views

Cherokee Web Server URI Traversal Arbitrary File Access

The remote host is running Cherokee - a fast and tiny web server. The remote version of this software is vulnerable to directory traversal flaw when appending a '../' sequence to the web request. Additionally, this version fails to drop root privileges after it binds to listen port. Remote attack...

7.8CVSS5.6AI score0.04072EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2003/06/02 12:0 a.m.34 views

Super-M Son hServer URI Traversal Arbitrary File Access

Super-M Son hServer is vulnerable to a directory traversal. It enables a remote attacker to view any file on the computer with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid11678; scriptversion"1.22";...

5CVSS5.6AI score0.02039EPSS
Exploits0References2
Rows per page
Query Builder