8 matches found

OSV
added 2026/05/12 9:31 p.m., 3 views

GHSA-3934-423W-4JQ3 HashiCorp Nomad vulnerable to symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability, CVE-2026-6959, is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6 CVSS, 5.9 AI score, 0.00009 EPSS
Exploits 0, References 5
Snyk
added 2026/05/12 9:20 p.m., 4 views

Symlink Attack

Overview: Affected versions of this package are vulnerable to Symlink Attack via the exec2 process. An attacker can access or modify arbitrary files on the client host by exploiting symbolic link handling. Remediation: Upgrade github.com/hashicorp/nomad-driver-exec2/plugin to version 0.1.2 or highe...

6.7 CVSS, 5.9 AI score, 0.00027 EPSS
Exploits 0, References 2
UbuntuCve
added 2026/05/12 8:16 p.m., 7 views

CVE-2026-6959

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability, CVE-2026-6959, is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6 CVSS, 5.8 AI score, 0.00009 EPSS
Exploits 0, References 2
Vulnrichment
added 2026/05/12 6:59 p.m., 7 views

CVE-2026-6959 Nomad vulnerable to arbitrary file read/write on client host through symlink attack

HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability, CVE-2026-6959, is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11...

6 CVSS, 5.9 AI score, 0.00009 EPSS
Exploits 0, References 1
CVE
added 2025/10/22 7:29 p.m., 22 views

CVE-2025-62611

Summary: CVE-2025-62611 affects the aiomysql Python library used to access MySQL from asyncio. Prior to version 0.3.0, client-side settings are not validated before sending local files to the server, enabling a rogue MySQL server to request arbitrary client files via a LOAD_LOCAL packet. This vul...

8.2 CVSS, 6.3 AI score, 0.00067 EPSS
Exploits 0, References 3
Github Security Blog
added 2025/10/22 4:47 p.m., 7 views

aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

Summary: The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details: It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...

8.2 CVSS, 6.5 AI score, 0.00067 EPSS
Exploits 0, References 5, Affected Software 1
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2013-2944

Malware in sbrugna...

8.5 CVSS, 6.1 AI score, 0.01244 EPSS
Exploits 0, References 10
CVE
added 2002/03/15 5:0 a.m., 47 views

CVE-2002-0131

CVE-2002-0131: The ActivePython ActiveX control for Python in the AXScript package, used in Internet Explorer, can be exploited to read arbitrary files from the client’s filesystem via a malicious web page containing Python script. The root cause is that the control does not prevent script from ...

5 CVSS, 7 AI score, 0.03038 EPSS
Exploits 0, References 4, Affected Software 1