Lucene search
K

2055 matches found

Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.6 views

PT-2025-34494 · Tableau · Tableau Server

Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19 Description: An improper input validation issue exists in the tabdoc api - create-data-source-from-file-upload...

8.5CVSS6.5AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.6 views

PT-2025-34344 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR versions affected versions not specified Description: WebITR developed by Uniong is susceptible to an arbitrary file reading issue. This allows remote attackers with regular privileges to exploit absolute path traversal and download...

7.1CVSS7.2AI score0.00502EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.7 views

PT-2025-34343 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR versions affected versions not specified Description: WebITR developed by Uniong is susceptible to an arbitrary file reading issue. This allows remote attackers with regular privileges to exploit an Absolute Path Traversal flaw to...

7.1CVSS7.1AI score0.00502EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/20 4:27 p.m.6 views

CVE-2025-54118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

5.3CVSS6.5AI score0.00399EPSS
Exploits1References1
NVD
NVD
added 2025/08/18 4:15 p.m.7 views

CVE-2025-54118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

5.3CVSS0.00399EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/08/18 3:59 p.m.3 views

CVE-2025-54118 NamelessMC allows sensitive information disclosure in member list component

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

5.3CVSS7.2AI score0.00399EPSS
Exploits1References2
CVE
CVE
added 2025/08/18 3:59 p.m.20 views

CVE-2025-54118

CVE-2025-54118 affects NamelessMC before version 2.2.4, where an unauthenticated attacker can disclose sensitive information (e.g., absolute path of the source code) via the list parameter in the member list component. The issue was fixed in 2.2.4. The provided connected sources confirm the vulne...

5.3CVSS6.6AI score0.00399EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/08/18 3:59 p.m.5 views

CVE-2025-54118 NamelessMC allows sensitive information disclosure in member list component

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...

5.3CVSS7AI score0.00399EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/08/18 12:0 a.m.6 views

PT-2025-33665 · Unknown · Namelessmc

Name of the Vulnerable Software and Affected Versions: NamelessMC versions prior to 2.2.4 Description: NamelessMC is a website software for Minecraft servers. A sensitive information disclosure issue exists in versions prior to 2.2.4, allowing an unauthenticated remote attacker to gain sensitive...

5.3CVSS7.2AI score0.00399EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-40590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after...

7.8CVSS7.2AI score0.00465EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/15 9:28 a.m.9 views

CVE-2025-8909

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS7.4AI score0.0059EPSS
Exploits0References1
OSV
OSV
added 2025/08/13 10:15 a.m.1 views

CVE-2025-8912

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

8.7CVSS5.9AI score0.00536EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/13 9:13 a.m.5 views

CVE-2025-8912 WellChoose|Organization Portal System - Arbitrary File Reading through Path Traversal

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...

8.7CVSS7.5AI score0.00536EPSS
Exploits0References2
CVE
CVE
added 2025/08/13 9:13 a.m.20 views

CVE-2025-8912

CVE-2025-8912 affects WellChoose Organization Portal System with an Arbitrary File Reading vulnerability via Absolute Path Traversal. Public data describes an unauthenticated remote attacker being able to download arbitrary system files. The CVE metrics indicate NETWORK access, low attack complex...

8.7CVSS7.5AI score0.00536EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/08/13 9:3 a.m.7 views

CVE-2025-8909 WellChoose|Organization Portal System - Arbitrary File Reading through Path Traversal

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files...

7.1CVSS0.0059EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/13 12:0 a.m.7 views

PT-2025-32972 · Wellchoose · Organization Portal System

Name of the Vulnerable Software and Affected Versions: Organization Portal System affected versions not specified Description: The Organization Portal System developed by WellChoose contains an arbitrary file reading flaw. This allows remote attackers with regular privileges to exploit Absolute...

7.1CVSS7.1AI score0.0059EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-5115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim...

6.3CVSS6.9AI score0.00859EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/08/06 7:0 a.m.5 views

Absolute path traversal in zip:unzip/1,2

...

4.8CVSS7AI score0.00226EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/31 5:7 a.m.10 views

CVE-2025-53079

Absolute Path Traversal in Samsung DMSData Management Server allows authenticated attacker Administrator to read sensitive files...

4.9CVSS6AI score0.00456EPSS
Exploits0References1
NVD
NVD
added 2025/07/29 5:15 a.m.3 views

CVE-2025-53079

Absolute Path Traversal in Samsung DMSData Management Server allows authenticated attacker Administrator to read sensitive files...

4.9CVSS0.00456EPSS
Exploits0References1
Rows per page
Query Builder