Lucene search
K

562 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/20 1:7 a.m.6 views

CVE-2026-26960

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting use...

7.1CVSS5.6AI score0.00288EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.8 views

PT-2026-20374

Name of the Vulnerable Software and Affected Versions node-tar versions 7.5.7 and below node-tar version 7.5.8 Description The node-tar package contains a flaw where an attacker-controlled archive, when extracted using default options, can create a hardlink inside the extraction directory that...

8.8CVSS5.6AI score0.0034EPSS
Exploits1References222
GithubExploit
GithubExploit
added 2026/02/08 10:16 a.m.263 views

Exploit for CVE-2026-1862

CVE-2026-1862 Disclaimer This software has been created pu...

8.8CVSS5.5AI score0.00579EPSS
Exploits1
Cvelist
Cvelist
added 2026/02/06 5:46 p.m.33 views

CVE-2026-23633 Gogs has arbitrary file read/write via path traversal in Git hook editing

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, there is an arbitrary file read/write via path traversal in Git hook editing. This issue has been patched in versions 0.13.4 and 0.14.0+dev...

6.5CVSS0.00456EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/01/29 6:48 a.m.174 views

Exploit for Out-of-bounds Write in Google Chrome

CVE-2025-5419 An uninitialized read vulnerability by incorrec...

8.8CVSS5.9AI score0.06231EPSS
Exploits3
EUVD
EUVD
added 2026/01/28 5:35 p.m.7 views

EUVD-2020-30877

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...

8.4CVSS6AI score0.00271EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : glibc-2.28-164.el8 (AXSA:2021-2585:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2585:08 advisory. glibc: Arbitrary read in wordexp CVE-2021-35942 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c CVE-2021-27645 glibc: mqnotify...

9.8CVSS7.6AI score0.02898EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS5.6AI score0.00225EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.10 views

CVE-2021-33217

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root...

9CVSS6.8AI score0.01376EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.8 views

CVE-2021-22712

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

9.3CVSS7AI score0.00841EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.10 views

CVE-2021-22711

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

9.3CVSS6.9AI score0.00796EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/03 12:25 a.m.6 views

SUSE CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS6.7AI score0.00225EPSS
Exploits0References3
OSV
OSV
added 2025/12/02 7:15 p.m.2 views

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS5.9AI score
Exploits0References2
NVD
NVD
added 2025/12/02 7:15 p.m.7 views

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS0.00225EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/12/02 7:0 p.m.4 views

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS6.7AI score0.00225EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.4 views

PT-2025-48764

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description An improper implementation in WebRTC within Google Chrome could allow a remote attacker to perform arbitrary read/write operations through a specially crafted HTML page. The security...

8.1CVSS6.5AI score0.00225EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/11/20 12:0 a.m.21 views

CVE-2025-63889

The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows attackers to read arbitrary files via crafted file path in a template value...

0.0027EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/11 1:41 p.m.5 views

CVE-2025-11207

Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS8.2AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/10 9:30 p.m.5 views

EUVD-2025-50802

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

5.7AI score0.06776EPSS
Exploits1References3
EUVD
EUVD
added 2025/11/10 9:30 p.m.5 views

EUVD-2025-50779

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.00296EPSS
Exploits0References3
Rows per page
Query Builder