7 matches found

Positive Technologies
added 2026/06/18 12:0 a.m. | 11 views

PT-2026-50823

External Control of File Name or Path in xDS SDS DataSource Summary DataSourceStream in the :xds module resolves control-plane-supplied filename and environment variable fields from SDS Secret resources without any allow-list or base-directory confinement. A semi-trusted or compromised xDS contro...

5.9 CVSS | 5.5 AI score | 0.00198 EPSS
Exploits: 0 | References: 5
ATTACKERKB
added 2026/04/23 8:39 p.m. | 1 views

CVE-2026-6941

radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside the configured project directory by importing a malicious .zrp archive containing a symlinked notes.txt file. Attackers can craft a .zrp archive with a...

6.9 CVSS | 5.9 AI score | 0.00198 EPSS
Exploits: 1 | References: 4
RedhatCVE
added 2026/03/26 3:11 p.m. | 3 views

CVE-2026-32020

OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read arbitrary files...

5.5 CVSS | 5.9 AI score | 0.00131 EPSS
Exploits: 0 | References: 1
Github Security Blog
added 2026/02/17 4:43 p.m. | 10 views

OpenClaw has an arbitrary transcript path file write via gateway sessionFile

Summary In OpenClaw versions prior to 2026.2.12, the gateway accepted an untrusted sessionFile path when resolving the session transcript file. This could allow an authenticated gateway client to create and append OpenClaw session transcript records at an arbitrary path on the gateway host...

8.1 CVSS | 6.7 AI score | 0.00363 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
Veracode
added 2020/04/10 12:37 a.m. | 18 views

Privilege Escalation

systemtap is vulnerable to privilege escalation. A race condition was discovered in SystemTap that could allow users in the stapusr group to elevate privileges to that of members of the stapdev group and hence root, bypassing directory confinement restrictions and allowing them to insert arbitrar...

6.3 CVSS | 4.5 AI score | 0.00257 EPSS
Exploits: 1 | References: 10 | Affected Software: 1
OpenVAS
added 2011/08/09 12:0 a.m. | 19 views

CentOS Update for systemtap CESA-2009:0373 centos4 i386

Check for the Version of systemtap OpenVAS Vulnerability Test CentOS Update for systemtap CESA-2009:0373 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

6.9 CVSS | 6.4 AI score | 0.00257 EPSS
Exploits: 1 | References: 2
Cent OS
added 2009/03/26 5:22 p.m. | 63 views

systemtap security update

CentOS Errata and Security Advisory CESA-2009:0373 Updated systemtap packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SystemTap is an instrumentation...

6.3 CVSS | 5.9 AI score | 0.00257 EPSS
Exploits: 1 | References: 8