Lucene search

12 matches found

OSV
added 5 days ago, 5 views

PYSEC-2026-309 ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function

The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...

9.3 CVSS, 7.3 AI score, 0.01164 EPSS
Exploits: 1, References: 5
CVE
added 2026/06/13 2:29 a.m., 24 views

CVE-2026-12089

The vulnerability CVE-2026-12089 affects the WordPress plugin “LWS Optimize – All-in-One Speed Booster & Cache Tools” up to version 3.3.19. The root cause is in the combine_current_css() function, which trusts href values harvested from page HTML and converts same-site URLs to absolute filesyste...

4.9 CVSS, 5.5 AI score, 0.00336 EPSS
Exploits: 0, References: 3
Cvelist
added 2026/03/24 12:16 a.m., 220 views

CVE-2026-22739 Spring Cloud Config Profile Substitution Can Allow Unintended Access To Files And Enable SSRF Attacks

Vulnerability in Spring Cloud when substituting the profile parameter from a request made to the Spring Cloud Config Server configured to the native file system as a backend, because it was possible to access files outside of the configured search directories. This issue affects Spring Cloud: from...

8.6 CVSS, 0.0122 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2026/01/09 10:46 a.m., 5 views

CVE-2022-31549

The olmax99/helm-flask-celery repository before 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...

9.3 CVSS, 7 AI score, 0.01213 EPSS
Exploits: 1, References: 1
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2007-1083

Malware in sbrugna...

7.2 CVSS, 6.4 AI score, 0.00372 EPSS
Exploits: 0, References: 7
OSV
added 2023/06/08 9:15 p.m., 3 views

UBUNTU-CVE-2023-29403

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

7.8 CVSS, 6.7 AI score, 0.00432 EPSS
Exploits: 0, References: 8
OSV
added 2022/07/11 1:15 a.m., 4 views

CVE-2022-31544

The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...

9.3 CVSS, 5.8 AI score, 0.01118 EPSS
Exploits: 1, References: 1
OSV
added 2022/07/11 1:15 a.m., 4 views

CVE-2022-31518

The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...

9.3 CVSS, 7.3 AI score, 0.01118 EPSS
Exploits: 1, References: 1
Prion
added 2007/02/23 10:28 p.m., 22 views

Design/Logic Flaw

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."...

7.2 CVSS, 6.8 AI score, 0.00372 EPSS
Exploits: 0, References: 6, Affected Software: 1
NVD
added 2007/02/23 10:28 p.m., 18 views

CVE-2007-1086

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."...

7.2 CVSS, 6.3 AI score, 0.00372 EPSS
Exploits: 0, References: 6
Cvelist
added 2007/02/23 10:0 p.m., 23 views

CVE-2007-1086

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."...

6.3 AI score, 0.00372 EPSS
Exploits: 0, References: 6
CVE
added 2007/02/23 10:0 p.m., 54 views

CVE-2007-1086

IBM DB2 vulnerable components: 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2. Local users can create or modify arbitrary files via unsafe file access controlled by unspecified environment variables. Root cause: environment-variable handling allows file writes. Impact is limited to local atta...

7.2 CVSS, 6.3 AI score, 0.00372 EPSS
Exploits: 0, References: 6, Affected Software: 1