Lucene search

30 matches found

NVD
added 2026/06/25 7:16 p.m. | 10 views

CVE-2026-54097

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, a low-privileged authenticated user of filebrowser with create + delete permissions in their own isolated scope can silently destroy share-link...

CVSS 7.2 | EPSS 0.00411
Exploits: 0 | References: 3
OSV
added 2026/06/25 6:26 p.m. | 4 views

GO-2026-5159 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix in github.com/filebrowser/filebrowser

File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix in github.com/filebrowser/filebrowser...

CVSS 7.2 | AI score 5.8 | EPSS 0.00411
Exploits: 0 | References: 3
EUVD
added 2026/06/25 3:25 p.m. | 4 views

EUVD-2026-39443

The K2 frontend item.checkin task accepts an unauthenticated sigProFolder query parameter and uses it directly to address a JFolder::delete call under /media/k2/galleries/...

CVSS 6.5 | AI score 5.8 | EPSS 0.00159
Exploits: 0 | References: 1
AstraLinux
added 2026/06/19 11:10 a.m. | 8 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails. From the abort path, nft_mapelem_activate() needs to restore refcounters to their original state. Currently, it uses set->ops->walk() to iterate over these set elements. The...

CVSS 5.5 | AI score 6.1 | EPSS 0.00262
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/04 12:0 a.m. | 10 views

PT-2026-37158

Name of the Vulnerable Software and Affected Versions: Distribution versions prior to 3.1.1. Description: An authorization bypass exists where tag deletion via the "/v2//manifests/" endpoint ignores the storage.delete.enabled: false configuration. This allows any API client to remove tags from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00294
Exploits: 1 | References: 45
NVD
added 2026/04/06 8:16 p.m. | 5 views

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

CVSS 7.5 | EPSS 0.00386
Exploits: 1 | References: 9
Debian CVE
added 2026/04/06 7:8 p.m. | 5 views

CVE-2026-35172

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared dige...

CVSS 7.5 | AI score 5.3 | EPSS 0.00386
Exploits: 1
ATTACKERKB
added 2026/03/05 8:38 p.m. | 4 views

CVE-2026-28442

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be...

CVSS 8.5 | AI score 5.9 | EPSS 0.00304
Exploits: 1 | References: 2
Positive Technologies
added 2025/12/14 12:0 a.m. | 5 views

PT-2025-51151

Name of the Vulnerable Software and Affected Versions: Computer Book Store version 1.0. Description: A weakness exists in Computer Book Store version 1.0 related to SQL injection. The issue is located in the /admin delete.php file, specifically within an unknown function. Manipulation of the bookisb...

CVSS 9.8 | AI score 7.4 | EPSS 0.00333
Exploits: 1 | References: 14
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-25906

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.00181
Exploits: 1 | References: 3
NVD
added 2025/09/18 2:15 p.m. | 4 views

CVE-2022-50377

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits: 0
CVE
added 2025/09/18 1:32 p.m. | 19 views

CVE-2022-50377

CVE-2022-50377 is rejected by the CVE Numbering Authority and not an active entry.

AI score 6.2
Exploits: 0
Positive Technologies
added 2025/09/18 12:0 a.m. | 7 views

PT-2025-38325

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw within the ext4 file system related to inode eviction. Specifically, in the ext4 evict inode function, a race condition can occur when evicting an inode ...

AI score 6.3
Exploits: 0 | References: 7
CNNVD
added 2025/09/17 12:0 a.m. | 1 views

SourceCodester Online Student File Management security vulnerability

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A security vulnerability exists in SourceCodester Online Student File Management version 1.0, which originates from an incorrect manipulation of the parameter studentid in the file...

CVSS 8.8 | AI score 6.9 | EPSS 0.00311
Exploits: 1 | References: 5
Cvelist
added 2025/08/27 12:0 a.m. | 9 views

CVE-2025-54598

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI...

EPSS 0.00181
Exploits: 1 | References: 3
CNNVD
added 2025/08/10 12:0 a.m. | 4 views

LitmusChaos security vulnerability

LitmusChaos is a program open-sourced by Litmus Chaos that practices chaos engineering in a cloud-native manner. A security vulnerability exists in LitmusChaos 3.19.0 and earlier versions, which stems from a lack of authorization for the parameter projectID in the file /auth/deleteproject, which...

CVSS 5.5 | AI score 5.5 | EPSS 0.00343
Exploits: 1 | References: 6
CNNVD
added 2024/10/07 12:0 a.m. | 5 views

BlueCMS security vulnerability

BlueCMS is a content management system (CMS) based on PHP and MySQL. A security vulnerability exists in BlueCMS version 1.6, which originates from arbitrary file deletion via the filename parameter in the /admin/database.php?act=del request...

CVSS 4.9 | AI score 7 | EPSS 0.00326
Exploits: 0 | References: 3
OSV
added 2024/08/30 8:15 a.m. | 1 views

DEBIAN-CVE-2024-44944

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID. Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is...

CVSS 5.5 | AI score 5.6 | EPSS 0.00239
Exploits: 0 | References: 1
OSV
added 2024/08/12 5:15 p.m. | 4 views

CVE-2024-42627

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3...

CVSS 8.8 | AI score 5.8 | EPSS 0.00279
Exploits: 1 | References: 1
OSV
added 2024/03/08 12:15 p.m. | 4 views

CVE-2024-2317

A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. This issue affects some unknown processing of the file /prescription/prescription/delete/ of the component Prescription Page. The manipulation leads to improper authorization. The attack may be...

CVSS 9.1 | AI score 4.7 | EPSS 0.00838
Exploits: 1 | References: 3