Lucene search
K

6 matches found

NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-50203

A path traversal in the SFTP provider SFTPHook.retrievedirectory / SFTPOperatoroperation=get let a malicious or compromised remote SFTP server write files outside the configured local destination directory via crafted directory-entry names. No Airflow account is required — the attack surface is a...

9.1CVSS0.00626EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 7:16 p.m.12 views

UBUNTU-CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References6
CNVD
CNVD
added 2020/05/18 12:0 a.m.2 views

Readdle Documents app cross-site scripting vulnerability

Readdle Documents app is a document manager from Readdle Ukraine. The product supports viewing EPUB eBooks, viewing Word and Excel documents and more. A security vulnerability exists in iOS-based versions of the Readdle Documents app prior to 6.9.7, which stems from a failure of the file transfer...

6.1CVSS6.7AI score0.00696EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/05/17 11:5 p.m.15 views

CVE-2019-20802

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an...

6.1AI score0.00696EPSS
Exploits1References2
PyPA
PyPA
added 2018/11/18 5:29 p.m.9 views

PYSEC-2018-18

Jupyter Notebook before 5.7.2 allows XSS via a crafted directory name because notebook/static/tree/js/notebooklist.js handles certain URLs unsafely...

6.1CVSS6.1AI score0.01323EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2016/09/19 12:0 a.m.6 views

OwnCloud Server and Nextcloud Server Cross-Site Scripting Vulnerabilities

OwnCloud is a free and open source personal cloud storage solution from OwnCloud Germany.Nextcloud is an open source self-hosted file synchronization and sharing communication application platform.OwnCloud Server and Nextcloud Server are both a server version of one of them. A cross-site scriptin...

5.4CVSS6AI score0.01373EPSS
Exploits1References1
Rows per page
Query Builder