Lucene search
K

2055 matches found

CNNVD
CNNVD
added 2025/03/20 12:0 a.m.4 views

DB-GPT 安全漏洞

DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. A security vulnerability exists in DB-GPT version 0.6.0, which stems from an arbitrary file write vulnerability in the RAG-knowledge endpoint, which allows an attacker to write a file to ...

9.1CVSS9.1AI score0.00593EPSS
Exploits1References1
CISA
CISA
added 2025/03/19 12:0 p.m.135 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-1316link is external Edimax IC-7100 IP Camera OS Command Injection Vulnerability CVE-2024-48248link is external NAKIVO Backup and Replication Absolute Path...

9.8CVSS7.8AI score0.94557EPSS
In wildExploits7References8
CISA KEV Catalog
CISA KEV Catalog
added 2025/03/19 12:0 a.m.42 views

NAKIVO Backup and Replication Absolute Path Traversal Vulnerability

NAKIVO Backup and Replication contains an absolute path traversal vulnerability that enables an attacker to read arbitrary files...

8.6CVSS6.9AI score0.93995EPSS
In wildExploits2
VulnCheck KEV
VulnCheck KEV
added 2025/03/16 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-48248

NAKIVO Backup and Replication contains an absolute path traversal vulnerability that enables an attacker to read arbitrary files...

8.6CVSS7.4AI score0.93995EPSS
Exploits2References1
OSV
OSV
added 2025/03/12 5:29 p.m.7 views

OPENSUSE-SU-2025:0090-1 Security update for ark

This update for ark fixes the following issues: - CVE-2024-57966: Disable extraction to absolute path from an archive boo1236737...

5CVSS6.7AI score0.0026EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/12 9:53 a.m.6 views

CVE-2025-2239 Absolute Path Disclosure Vulnerability in Hillstone Next Generation FireWall

Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall.This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23...

5.3CVSS5.4AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/12 9:53 a.m.28 views

CVE-2025-2239 Absolute Path Disclosure Vulnerability in Hillstone Next Generation FireWall

Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall.This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23...

5.3CVSS0.00338EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2025/03/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-13161

Ivanti Endpoint Manager EPM contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information...

9.8CVSS5.8AI score0.88518EPSS
Exploits1References1
CISA KEV Catalog
CISA KEV Catalog
added 2025/03/10 12:0 a.m.26 views

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager EPM contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information...

9.8CVSS7.2AI score0.89738EPSS
In wildExploits1
RedhatCVE
RedhatCVE
added 2025/03/05 3:26 p.m.5 views

CVE-2025-25162

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in kutu62 Sports Rankings and Lists sports-rankings-lists allows Absolute Path Traversal.This issue affects Sports Rankings and Lists: from n/a through = 1.0.2...

7.5CVSS7.2AI score0.00719EPSS
Exploits0References1
NVD
NVD
added 2025/03/04 8:15 a.m.28 views

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

8.6CVSS0.93995EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2015-2304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an...

6.4CVSS7.3AI score0.0489EPSS
Exploits1References2
CVE
CVE
added 2025/03/04 12:0 a.m.203 views

CVE-2024-48248

CVE-2024-48248 affects NAKIVO Backup & Replication prior to 11.0.0.88174. The vulnerability is an absolute path traversal via getImageByPath to /c/router, leading to unauthenticated arbitrary file read with potential remote code execution across the enterprise when cleartext credentials are expos...

8.6CVSS9AI score0.93995EPSS
In wildExploits2References4Affected Software1
NVD
NVD
added 2025/03/03 2:15 p.m.6 views

CVE-2025-25162

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in kutu62 Sports Rankings and Lists sports-rankings-lists allows Absolute Path Traversal.This issue affects Sports Rankings and Lists: from n/a through = 1.0.2...

7.5CVSS0.00719EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2010-2322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Absolute path traversal vulnerability in the extractjar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via...

2.6CVSS6AI score0.03365EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.2 views

WordPress plugin Sports Rankings and Lists 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

7.5CVSS8.9AI score0.00719EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/14 6:24 p.m.10 views

CVE-2024-6097

In Progress® Telerik® Reporting versions prior to 2025 Q1 19.0.25.211, information disclosure is possible by a local threat actor through an absolute path vulnerability...

5.3CVSS6.2AI score0.00471EPSS
Exploits0References1
OSV
OSV
added 2025/02/14 12:13 p.m.4 views

OESA-2025-1132 ark security update

Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed. Security Fixes: libarchiveplugin.cp...

5CVSS6.9AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2025/02/14 12:13 p.m.3 views

OESA-2025-1133 ark security update

Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed. Security Fixes: libarchiveplugin.cp...

5CVSS6.9AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2025/02/14 12:13 p.m.3 views

OESA-2025-1131 ark security update

Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed. Security Fixes: libarchiveplugin.cp...

5CVSS6.9AI score0.0026EPSS
Exploits0References2
Rows per page
Query Builder