Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogโ€ขadded 2026/05/19 3:38 p.m.โ€ข6 views

zrok copy writes attacker-controlled WebDAV paths outside the destination root

Summary Alice runs zrok2 copy from a WebDAV or zrok drive controlled by Bob into a local filesystem target. Bob returns a DAV href such as /../outside.txt. The sync pipeline stores that path in the source inventory and passes it to FilesystemTarget.WriteStream, which joins it with the target root...

5.8AI score0.00061EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistโ€ขadded 2025/11/25 7:28 a.m.โ€ข7 views

CVE-2025-12003

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...

8.2CVSS0.00311EPSS
Exploits0References1
Positive Technologies
Positive Technologiesโ€ขadded 2023/10/16 12:0 a.m.โ€ข2 views

PT-2023-29651 ยท South River Technologies ยท Titan Mftย +1

Name of the Vulnerable Software and Affected Versions: South River Technologies' Titan MFT and Titan SFTP servers affected versions not specified Description: The issue is related to insufficient path validation when writing a file via WebDAV, allowing an authenticated attacker to write a file to...

9.1CVSS5.7AI score0.00504EPSS
Exploits3References6
Rows per page
Query Builder