Lucene search
K

15 matches found

OSV
OSV
added 2026/04/22 6:4 p.m.7 views

USN-8199-1 glance vulnerabilities

Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2024-32498 Hyeongeun Ji and Abhishek Keka...

7.1CVSS5.8AI score0.00835EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0150

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00992EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/08/20 5:58 p.m.44 views

CVE-2025-55746 Directus allows unauthenticated file upload and file modification due to lacking input sanitization

Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents without changes being applied to the files'...

9.3CVSS0.00438EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-47950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the...

6.5CVSS6.7AI score0.01001EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/04/10 12:0 a.m.10 views

Vite 信息泄露漏洞

Vite is a new front-end builder tool open-sourced by Vite. An information disclosure vulnerability exists in Vite, which stems from the fact that the contents of an arbitrary file may be returned to the browser. The following versions are affected: versions prior to 6.2.6, 6.1.5, 6.0.15, 5.4.18,...

6CVSS5.7AI score0.01736EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/05/07 12:0 a.m.3 views

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.4.0 that stems from the ability to view the contents of a specified file in incoming logs when an arbitrary file path is used in the file system collector...

6.5CVSS6.6AI score0.00446EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2023/02/04 1:35 a.m.465 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick

cve-2022-44268-detector - detect malicious PNGs cve-2022-4426...

6.5CVSS7.1AI score0.89855EPSS
Exploits28
OSV
OSV
added 2022/09/02 7:10 a.m.25 views

CVE-2022-38170 Overly permissive umask for daemons

In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the --daemon flag which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via th...

4.7CVSS4.7AI score0.00593EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/01/10 12:0 a.m.562 views

Security Updates for Microsoft Visual Studio Products (January 2019)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the following vulnerability : - An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file. An...

9.3CVSS7.3AI score0.16113EPSS
Exploits0References5
CNVD
CNVD
added 2016/05/11 12:0 a.m.4 views

Microsoft Internet Explorer Information Leakage Vulnerability (CNVD-2016-03017)

Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. An information leakage vulnerability exists in Microsoft IE versions 10 and 11, which stems from the program not properly handling...

5.3CVSS6.4AI score0.15511EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/02/05 12:0 a.m.28 views

Advantech WebAccess Dashboard Viewer openWidget Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose arbitrary file contents on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the...

7.8CVSS3.3AI score0.04693EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/06/09 12:0 a.m.20 views

Novell ZENworks Configuration Management FileViewer Information Disclosure (CVE-2015-0783)

An information disclosure vulnerability exists in Novell ZENworks Configuration Management. The vulnerability is due to lack of sanitization on the filename parameter within the FileViewer class. By sending crafted requests to the target server, a remote attacker can leverage this vulnerability t...

4CVSS5.9AI score0.04965EPSS
Exploits0
Cvelist
Cvelist
added 2007/10/26 7:0 p.m.18 views

CVE-2002-2312

Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript 1 event.ctrlKey or 2 event.shiftKey onkeydown event contained in a webpage...

6.8AI score0.01757EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
added 2006/11/15 12:0 a.m.31 views

Verity Ultraseek Request Proxying Vulnerability

This vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spider...

10CVSS2AI score0.06339EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.12 views

Security update for the information disclosure vulnerability in Visual Studio 2012 Update 5 (KB4476755)

An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file...

1.6AI score
Exploits0
Rows per page
Query Builder