Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/05 5:52 p.m.7 views

CVE-2026-59510

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.getfilepath function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, withou...

7.1CVSS5.9AI score0.00372EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root...

7.1CVSS6AI score0.00126EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53149

CVE-2026-53149 affects the Linux kernel Thunderbolt code path, where __tb_property_parse_dir() may read beyond the root directory block due to missing bounds checks on content_offset/content_len. The issue could allow reading past a directory block, with high impact to confidentiality and availab...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2025/08/15 8:32 p.m.13 views

CVE-2025-8959 HashiCorp go-getter Vulnerable to Arbitrary Read through Symlink Attack

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...

7.5CVSS0.00507EPSS
Exploits0References1
Rows per page
Query Builder