Lucene search
+L

2087 matches found

vulnrichment
vulnrichment
added 2026/04/02 5:14 p.m.4 views

CVE-2026-34523 SillyTavern: Path traversal allows file existence oracle

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticate...

5.3CVSS5.8AI score0.00449EPSS
Exploits1References2
cvelist
cvelist
added 2026/04/02 5:14 p.m.23 views

CVE-2026-34523 SillyTavern: Path traversal allows file existence oracle

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticate...

5.3CVSS0.00449EPSS
Exploits1References2
cve
cve
added 2026/04/02 5:14 p.m.11 views

CVE-2026-34523

SillyTavern (pre-1.17.0) had a path traversal flaw in the static file route handler that allowed unauthenticated users to check for the existence of files on the server by sending percent-encoded ../ sequences. The vulnerability hinges on decoding the request, using fs.existsSync to test path exi...

5.3CVSS5.8AI score0.00449EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/04/02 5:14 p.m.2 views

CVE-2026-34523 SillyTavern: Path traversal allows file existence oracle

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, a path traversal vulnerability in the static file route handler allows any unauthenticate...

5.3CVSS5.9AI score0.00449EPSS
Exploits1References4
github
github
added 2026/04/01 9:40 p.m.22 views

SillyTavern: Path Traversal allows file existence oracle

Summary A path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. By sending percent-encoded ../ sequences %2E%2E%2F in requests to static file routes, an attacker can check for the existen...

5.3CVSS5.9AI score0.00449EPSS
Exploits1References4Affected Software1
osv
osv
added 2026/04/01 9:40 p.m.5 views

GHSA-525J-2HRJ-M8FP SillyTavern: Path Traversal allows file existence oracle

Summary A path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. By sending percent-encoded ../ sequences %2E%2E%2F in requests to static file routes, an attacker can check for the existen...

5.3CVSS5.9AI score0.00449EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.4 views

PT-2026-29661

Summary A path traversal vulnerability in the static file route handler allows any unauthenticated user to determine whether files exist anywhere on the server's filesystem. By sending percent-encoded ../ sequences %2E%2E%2F in requests to static file routes, an attacker can check for the existen...

5.3CVSS5.9AI score0.00449EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.9 views

PT-2026-29529

The login mechanism of Sage DPW 2021 06 004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 2021 06 000. On-premise administrators can toggle this behavior in newer versions...

3.7CVSS5.8AI score0.00264EPSS
Exploits0References3
redos
redos
added 2026/04/01 12:0 a.m.7 views

ROS-20260401-73-0040

Vulnerability in golang-x-net related to insufficient control of the resource during its existence. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.3CVSS7.1AI score0.00502EPSS
Exploits0
cvelist
cvelist
added 2026/03/30 7:7 p.m.37 views

CVE-2026-21715

A flaw in Node.js Permission Model filesystem enforcement leaves fs.realpathSync.native without the required read permission checks, while all comparable filesystem functions correctly enforce them. As a result, code running under --permission with restricted --allow-fs-read can still use...

3.3CVSS0.00158EPSS
Exploits0References1
osv
osv
added 2026/03/27 7:14 a.m.10 views

BIT-PARSE-2026-33323 Parse Server: Email verification resend page leaks user existence

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.51 and 9.6.0, the Pages route and legacy PublicAPI route for resending email verification links return distinguishable responses depending on whether the provided username...

6.3CVSS5.8AI score0.00322EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/03/26 3:0 p.m.5 views

CVE-2026-33329

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

8.1CVSS5.9AI score0.00444EPSS
Exploits1References1
snyk
snyk
added 2026/03/25 7:53 p.m.1 views

Information Exposure

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Information Exposure via the userRecoverPass.php endpoint. An attacker can obtain information about the existence and status of user accounts by sending crafted...

6.9CVSS5.8AI score0.00278EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2026/03/25 1:29 p.m.8 views

CVE-2026-3104 Memory leak in code preparing DNSSEC proofs of non-existence

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS5.8AI score0.00698EPSS
Exploits0References3
cvelist
cvelist
added 2026/03/25 1:29 p.m.34 views

CVE-2026-3104 Memory leak in code preparing DNSSEC proofs of non-existence

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS0.00698EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2026/03/25 12:0 a.m.4 views

CVE-2026-3104

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through...

7.5CVSS7.3AI score0.00698EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/03/24 7:14 p.m.3 views

CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

8.1CVSS5.9AI score0.00444EPSS
Exploits1References3
cvelist
cvelist
added 2026/03/24 7:14 p.m.21 views

CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

8.1CVSS0.00444EPSS
Exploits1References3
cve
cve
added 2026/03/24 7:14 p.m.15 views

CVE-2026-33329

FileRise is affected by a path traversal in the resumableIdentifier used by the UploadModel::handleUpload() function. From version 1.0.1 up to but excluding 3.10.0, unsanitized paths allow an authenticated user with upload permission to write files to arbitrary directories, perform post-assembly ...

8.1CVSS5.9AI score0.00444EPSS
Exploits1References3Affected Software1
osv
osv
added 2026/03/24 7:14 p.m.6 views

CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

8.1CVSS5.9AI score0.00444EPSS
Exploits1References5
Rows per page
Query Builder