CVE-2026-7325

Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. This issue affects :...

CVE-2026-7325

The CVE-2026-7325 entry applies to Devolutions Server, with affected versions 2026.1.6.0–2026.1.16.0 and 2025.3.20.0 and earlier. The issue is an improper authorization in the Active Directory browsing feature that lets a low-privileged authenticated user obtain authentication material associated...

EUVD-2019-2268

Malware in sbrugna...

EUVD-2006-2212

Malware in sbrugna...

EUVD-2002-0463

Malware in sbrugna...

EUVD-2011-4364

Malware in sbrugna...

EUVD-2005-0337

Malware in sbrugna...

EUVD-2001-0200

Malware in sbrugna...

EUVD-2004-0335

Malware in sbrugna...

EUVD-2000-0870

Malware in sbrugna...

EUVD-2023-38875

Malicious code in bioql PyPI...

EUVD-2022-0366

Malicious code in bioql PyPI...

Files SQL注入漏洞

Files is a single-file PHP application from the individual developer Karl Ward. It can be dragged and dropped into any directory, allowing browsing of the files and directories within. A SQL injection vulnerability exists in Files 0.16.9 and prior versions, which stems from a failure to block...

Files 跨站脚本漏洞

Files is a single-file PHP application by the individual developer Karl Ward. It can be dragged and dropped into any directory, allowing browsing of the files and directories within. A cross-site scripting vulnerability exists in Files versions 1.0 through 1.5.0, which stems from vulnerability to...

CVE-2019-10265

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system/ShowAdvanced.do "File Explorer" screen, it is possible to change the directory in the JavaScript code. If changed to for example "C:" then one can browse the whole server...

CVE-2022-41905

WsgiDAV is a generic and extendable WebDAV server based on WSGI. Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting XSS attacks. This issue has been patched, users can upgrade to version 4.1.0. As a workaround, set dirbrowser.enable = Fal...

CVE-2024-6878 Directory Browsing in Eliz Software's Panel

Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24...

OESA-2024-1630 nautilus security update

It's easier to manage your files for the GNOME desktop. Ability to browse directories on local and remote systems. preview folders and launch related programs. It is also handle icons on the GNOME desktop. Security Fixes: GNOME Nautilus 42.2 allows a NULL pointer dereference and getbasename...

OESA-2024-1632 nautilus security update

It's easier to manage your files for the GNOME desktop. Ability to browse directories on local and remote systems. preview folders and launch related programs. It is also handle icons on the GNOME desktop. Security Fixes: GNOME Nautilus 42.2 allows a NULL pointer dereference and getbasename...

FreeBSD : py-WsgiDAV -- XSS vulnerability (1a15b928-5011-4953-8133-d49e24902fe1)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1a15b928-5011-4953-8133-d49e24902fe1 advisory. - WsgiDAV is a generic and extendable WebDAV server based on WSGI. Implementations using this library...