CVE-2025-12003

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...

EUVD-2020-17111

Malware in sbrugna...

EUVD-2016-10267

Malware in sbrugna...

EUVD-2010-1814

Malware in sbrugna...

EUVD-2004-2568

Malware in sbrugna...

EUVD-2008-0323

Malware in sbrugna...

EUVD-2011-3177

Malware in sbrugna...

EUVD-2019-13034

Malicious code in bioql PyPI...

Exploit for Classic Buffer Overflow in Microsoft

PoC exploit for CVE-2017-7269, a vulnerability in Microsoft Inte...

CVE-2012-10062

A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits...

Microsoft WebDAV 安全漏洞

Microsoft WebDAV is an HTTP protocol-based extension for file management and collaborative editing over the Internet from Microsoft USA. A security vulnerability exists in Microsoft WebDAV. An attacker exploiting this vulnerability could execute code. The following products and versions are...

CVE-2018-20000

Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java...

CVE-2022-35202

A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain non-default scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV. This keystor...

CVE-2022-35202

CVE-2022-35202 affects Sitevision 10.3.1 and earlier. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV, protected by a low-complexity, auto-generated password. This could allow a remote attacker, in certain non-default scenarios, to gain access to the...

PT-2025-24329

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to July 2025 Patch Tuesday Description A remote code execution vulnerability exists in the Web Distributed Authoring and Versioning WebDAV component of Microsoft Windows. This flaw, tracked as CVE-2025-33053,...

CVE-2022-37398 A stack-based buffer overflow vulnerability was found on ADM

A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below...

net.adamcin.recap:net.adamcin.recap.addressbook (>=0.8.0 <=1.0.1), net.adamcin.recap:net.adamcin.recap.core (>=0.8.0 <=1.0.1) +16 more potentially affected by CVE-2016-6801 via org.apache.jackrabbit:jackrabbit-webdav (>=2.4.0 <=2.4.5)

org.apache.jackrabbit:jackrabbit-webdav MAVEN version =2.4.0, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0, =1.1.0, =2.1.2, =5.12.0, =5.11.0, =5.12.2 and more Source cves: CVE-2016-6801 Source advisory: OSV:GHSA-9FC7-RHQ3-WM7X...

PT-2020-5795 · Yaws +1 · Yaws Webserver +1

Name of the Vulnerable Software and Affected Versions: Yaws web server versions 1.81 through 2.0.7 Description: The issue is related to the implementation of WebDAV in the Yaws web server, which is vulnerable to XXE injection. This could allow a remote attacker to access confidential data,...

GHSA-5P52-J8PW-J7X5 Improper Restriction of XML External Entity Reference in bedework:bw-webdav

Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java...

Nextcloud: Access to all files of remote user through shared file

Steps to reproduce 1. User A shares a file "movie.mp4" with user B. 2. User B uses webdav to access files e.g. foldersync or nautilus 3. share is shown as regular file using webdav. 4. Copy the file and paste it to the same folder still using webdav. 5. A new folder will appear with the name...