Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.10 views

CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS5.6AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-35078

The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS5.6AI score0.0037EPSS
Exploits0References1
NVD
NVD
added 2026/06/03 1:16 p.m.23 views

CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:40 a.m.9 views

CVE-2026-35080

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 10:39 a.m.13 views

EUVD-2026-34074

The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.11 views

PT-2026-45921

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.9 views

PT-2026-45917

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files. This is caused by insufficient validation of...

8.1CVSS5.6AI score0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.12 views

PT-2026-45920

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-38959

Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.4 Description An unauthenticated path traversal issue exists in the '/api.app/attachment/preview' endpoint. This allows remote attackers to read arbitrary local files and trigger the deletio...

8.8CVSS6AI score0.17015EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 9:38 p.m.8 views

CVE-2021-25362

An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files...

6.8CVSS6.6AI score0.00104EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.4 views

SUSE CVE-2021-21343

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on...

5.9CVSS7.3AI score0.46666EPSS
Exploits1References7
NVD
NVD
added 2023/02/01 3:15 a.m.10 views

CVE-2023-0454

OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. This is possible because the application uses an unsanitized attacker-controlled parameter to construct an internal path...

8.1CVSS7.9AI score0.00986EPSS
Exploits1References2
OSV
OSV
added 2023/01/18 9:15 p.m.5 views

CVE-2022-45924

An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The endpoint itemtemplate.createtemplate2 allows a low-privilege user to delete arbitrary files on the server's local filesystem...

8.1CVSS5.9AI score0.01374EPSS
Exploits3References3
OSV
OSV
added 2021/04/09 6:15 p.m.4 views

CVE-2021-25363

An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files...

6.1CVSS6.4AI score0.00106EPSS
Exploits0References2
OSV
OSV
added 2021/04/09 6:15 p.m.5 views

CVE-2021-25362

An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files...

6.1CVSS5.8AI score0.00104EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/04/09 5:36 p.m.17 views

CVE-2021-25363

An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files...

6.8CVSS6.7AI score0.00106EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/06/11 9:29 p.m.22 views

CVE-2017-5409

The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows...

5.5CVSS6.9AI score0.00362EPSS
Exploits1References2
exploitpack
exploitpack
added 2002/08/15 12:0 a.m.12 views

Microsoft Windows XP - HCP URI Handler Abuse

Microsoft Windows XP - HCP URI Handler Abuse source: https://www.securityfocus.com/bid/5478/info Microsoft Internet Explorer on Windows XP comes equipped with a protocol handler for the 'Help and Support Center' application. The protocol handler may be specified in links, and when such a link is...

7.4AI score
Exploits0
Rows per page
Query Builder