100 matches found
EUVD-2018-1287
Malware in sbrugna...
EUVD-2008-4112
Malware in sbrugna...
EUVD-2015-0145
Malware in sbrugna...
EUVD-2020-24523
Malware in sbrugna...
EUVD-2021-6763
Malicious code in bioql PyPI...
EUVD-2022-35275
Malicious code in bioql PyPI...
ROS-20250619-14
The vulnerability of Pgpool-II connection balancing and management software tools is related to errors of input validation errors when processing directory traversal sequences in filenames. Exploitation exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250619-12
The vulnerability of Pgpool-II connection balancing and management software tools is related to errors of input validation errors when processing directory traversal sequences in filenames. Exploitation exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250619-10
The vulnerability of Pgpool-II connection balancing and management software tools is related to errors of input validation errors when processing directory traversal sequences in filenames. Exploitation exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
ROS-20250619-09
The vulnerability in the Golang programming language is related to input validation errors when processing directory traversal sequences in file names. Exploitation of the vulnerability could allow an attacker to perform directory traversal attacks...
ROS-20250619-13
The vulnerability of Pgpool-II connection balancing and management software tools is related to errors of input validation errors when processing directory traversal sequences in filenames. Exploitation exploitation of the vulnerability could allow a remote attacker to perform directory traversal...
CVE-2022-30061
ftcms =2.1 was discovered to be vulnerable to directory traversal attacks via the parameter tp...
CVE-2022-35918
Streamlit is a data oriented application development framework for python. Users hosting Streamlit apps that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially othe...
CVE-2021-3152
Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. NOTE: the vendor's perspective is that the vulnerability itself is in custom integrations written by third parties, not in Home Assistant; however, Hom...
CVE-2024-4315
parisneo/lollms version 9.5 is vulnerable to Local File Inclusion LFI attacks due to insufficient path sanitization. The sanitizepathfromendpoint function fails to properly sanitize Windows-style paths backward slash \, allowing attackers to perform directory traversal attacks on Windows systems...
Directory Traversal
path-sanitizer is vulnerable to Path Traversal. The vulnerability is due to insufficient sanitization of input paths, allowing attackers to bypass filters using .= %5c, potentially enabling directory traversal attacks...
CVE-2024-47611
XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...
ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure Vulnerability
ABB Cylon Aspect version 3.08.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script is not properly verified before being used to download log files. This can be exploited to disclose the contents o...
ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure
ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...
CVE-2024-6255
GAIZHENBIAO/CHUANHUCHATGPT 20240410 suffers a directory-traversal vulnerability in its JSON file handling, enabling deletion of arbitrary server JSON files (e.g., config.json, ds_config_chatbot.json). Root cause: improper validation of file paths. Impact: potential disruption of the system, manip...