Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 4 days ago3 views

CVE-2026-59995

A flaw was found in OpenSSH. The sftp client, when used to download files from a malicious server with the 'sftp server:/path .' command, does not properly restrict where those files are saved. This allows an attacker to control the download location, potentially overwriting existing files or...

5.4CVSS5.9AI score0.00218EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42137

sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server...

4.2CVSS6AI score0.00218EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 4:35 p.m.35 views

CVE-2026-42315 pyLoad: Path Traversal via Package Folder Name in set_package_data

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the setpackagedata API function call inside the data object with key "folder", there is no sanitization at all, allowing a user with Perms.MODIFY to specify arbitrary...

8.1CVSS0.00395EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.13 views

PT-2026-37264

Name of the Vulnerable Software and Affected Versions pyLoad versions prior to 0.5.0b3.dev100 Description Lack of sanitization in the set package data function allows a user with Perms.MODIFY permissions to specify arbitrary directories as download locations for a package. This occurs when passin...

8.1CVSS5.9AI score0.00395EPSS
Exploits1References7
Intel
Intel
added 2025/11/11 12:0 a.m.8 views

Intel® Rapid Storage Technology Software Advisory

Summary: A potential security vulnerability for the Intel® Rapid Storage Technology software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-24327 Description: Insecure inherited permissions fo...

6.7CVSS6.9AI score0.00108EPSS
Exploits0
Intel
Intel
added 2023/03/10 12:0 a.m.29 views

Intel® RealSense™ DCM Advisory

Summary: A potential security vulnerability in the Intel® RealSense™ Depth Camera Manager DCM software may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2021-33119 Description: Improper access control ...

5.5CVSS5.1AI score0.0024EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:33 a.m.34 views

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Platform Symphony and IBM Spectrum Symphony (CVE-2016-3610 CVE-2016-3598 CVE-2016-3606 CVE-2016-3587 CVE-2016-3511 CVE-2016-3550 CVE-2016-3485)

Summary Vulnerability in IBM Java SDK affects IBM Platform Symphony and IBM Spectrum Symphony Vulnerability Details CVE IDs: CVE-2016-3610 CVE-2016-3598 CVE-2016-3606 CVE-2016-3587 CVE-2016-3511 CVE-2016-3550 CVE-2016-3485 Affected Products and Versions IBM Platform Symphony: 5.2, 6.1.0.1, 6.1.1,...

9.6CVSS0.0669EPSS
Exploits0Affected Software1
0day.today
0day.today
added 2014/09/09 12:0 a.m.26 views

WordPress Epic Arbitrary File Download Vulnerability

WordPress Epic theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data. |||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | Exploit Title: Wordpress epic theme...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/07/13 12:0 a.m.23 views

Apple Safari for Windows and Internet Explorer Combined Code Execution (CVE-2008-2540)

Microsoft Internet Explorer is the most widely used Internet browser. Safari is a web browsing application developed by Apple. A combination of the default download location in Safari and how the Windows desktop handles executables creates a blended threat in which files may be downloaded to a...

9.3CVSS6.8AI score0.08315EPSS
Exploits0
myhack58
myhack58
added 2007/11/26 12:0 a.m.1460 views

Lianzhong ConnectAndEnterRoom ActiveX stack overflow vulnerability(exp)-vulnerability warning-the black bar safety net

exeurl = InputBox "please input the download execution exe of the address:", "input","" 'code by NetPatch if exeurl "" then...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/09/12 12:0 a.m.9 views

Fedora Core 3 : firefox-1.0.1-1.3.1 (2005-182)

This update fixes several security vulnerabilities in Firefox 1.0. It is recommended that all users update to Firefox 1.0.1. Additionally, this update backports several fixes from rawhide. This update enables pango font rendering by default. This update enables smooth scrolling by default. On...

5.5AI score
Exploits0References1
Packet Storm
Packet Storm
added 2005/02/23 12:0 a.m.25 views

rna_deleter.rgp

RealArcade download My Games 06/13/2001 10:51 RealArcade RealNetworks http://www.real.com Copyright 2001, RealNetworks [email protected] RealGames Server RealGames Server games-dl.real.com /gameconsole/games/demorgses/%f Not used in Beta1 Flux 950258D1-7ABD-4afc-8886-449B98CE8224 1.0 Demo RGI...

7.4AI score
Exploits0
Rows per page
Query Builder