Lucene search
+L

34 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.9 views

TencentOS Server 3: perl:5.32 (TSSA-2026:0325)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0325 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.9CVSS7.4AI score0.0037EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/14 6:25 p.m.9 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to insufficient path sanitization in the osfs.ChrootOS component. An attacker can gain unauthorized access to unintended filesystem locations by supplying crafted paths containing directory traversal sequences...

8.6CVSS6.3AI score0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.13 views

PT-2026-7578

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

5.3CVSS5.5AI score0.00537EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.5 views

EulerOS Virtualization 2.10.0 : perl (EulerOS-SA-2026-1189)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open...

5.9CVSS6AI score0.0037EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Perl

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any...

5.9CVSS7.7AI score0.0037EPSS
Exploits0References3
CVE
CVE
added 2025/10/15 1:55 p.m.20 views

CVE-2025-54755

CVE-2025-54755 : A directory traversal vulnerability in BIG-IP Configuration utility (TMUI) allows a highly privileged authenticated attacker to access files beyond the intended directories. Affected products include BIG-IP TMUI/Configuration utility (BIG-IP Next branches listed); impact is uncon...

6.9CVSS5.5AI score0.0111EPSS
Exploits0References1Affected Software21
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2019-1154

Malware in sbrugna...

5.5CVSS5.6AI score0.00309EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-19730

Malicious code in bioql PyPI...

7.3CVSS6.5AI score0.00694EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19727

Malicious code in bioql PyPI...

7.3CVSS6.6AI score0.00502EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/16 3:6 p.m.6 views

Security Bulletin: AIX/VIOS is vulnerable to a race condition in directory handling due to Perl (CVE-2025-40909)

Summary Vulnerability in Perl could allow a local attacker to load code or access files from unexpected locations CVE-2025-40909. AIX uses Perl in various operating system components. Vulnerability Details CVEID:CVE-2025-40909 DESCRIPTION: Perl threads have a working directory race condition wher...

5.9CVSS6.4AI score0.0037EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

EulerOS 2.0 SP12 : perl (EulerOS-SA-2025-2051)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths.If a directory handle is open at thread...

5.9CVSS7AI score0.0037EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/14 12:0 a.m.7 views

EulerOS 2.0 SP11 : perl (EulerOS-SA-2025-1964)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread...

5.9CVSS7AI score0.0037EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/04 3:24 p.m.9 views

CVE-2025-53109

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01...

7.3CVSS6.3AI score0.00694EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/04 3:24 p.m.20 views

CVE-2025-53110

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 o...

7.3CVSS6.3AI score0.00502EPSS
Exploits0References1
Veracode
Veracode
added 2025/07/03 4:30 a.m.8 views

Symbolic Link Traversal

@modelcontextprotocol/server-filesystem is vulnerable to Symbolic Link Traversal. The vulnerability is due to insufficient validation of symbolic links within allowed directories, which allows an attacker to access unintended files by leveraging symlinks to bypass directory restrictions...

7.3CVSS6.2AI score0.00694EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/07/02 3:15 p.m.8 views

CVE-2025-53109

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01...

7.3CVSS0.00694EPSS
Exploits0References2
OSV
OSV
added 2025/07/02 2:30 p.m.13 views

CVE-2025-53109 Model Context Protocol Servers Vulnerable to Path Validation Bypass via Prefix Matching and Symlink Handling

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files via symlinks within allowed directories. Users are advised to upgrade to 0.6.4 or 2025.7.01...

7.3CVSS6.7AI score0.00694EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/02 2:30 p.m.3 views

CVE-2025-53110 Model Context Protocol Servers Vulnerable to Path Validation Bypass via Colliding Path Prefix

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 o...

7.3CVSS7.1AI score0.00502EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/02 2:30 p.m.13 views

CVE-2025-53110 Model Context Protocol Servers Vulnerable to Path Validation Bypass via Colliding Path Prefix

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 o...

7.3CVSS0.00502EPSS
Exploits0References2
OSV
OSV
added 2025/07/02 2:30 p.m.7 views

CVE-2025-53110 Model Context Protocol Servers Vulnerable to Path Validation Bypass via Colliding Path Prefix

Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. Versions of Filesystem prior to 0.6.4 or 2025.7.01 could allow access to unintended files in cases where the prefix matches an allowed directory. Users are advised to upgrade to 0.6.4 o...

7.3CVSS6.7AI score0.00502EPSS
Exploits0References4
Rows per page
Query Builder