Lucene search
K

287 matches found

ATTACKERKB
ATTACKERKB
added 6 days ago4 views

CVE-2026-48944

The K2 frontend article-save handler accepts an attachmentNexisting POST field that is concatenated with JPATHSITE/ and passed to JFile::copy. JPath::clean does NOT strip .., and there is no allow-list of source paths. An Author can therefore copy configuration.php or any other file readable by t...

6.5CVSS5.9AI score0.00295EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in ffmpeg

Before ffmpeg version 4.3, the tty demuxer did not have a ‘readprobe’ function assigned to it. By creating a legitimate “ffconcat” file that references an image, followed by a file that triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long ...

5.5CVSS6.8AI score0.0088EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Grunt

The file.copy operations in GruntJS are vulnerable to a TOCTOU race condition, which can lead to arbitrary file writes in the GitHub repository gruntjs/grunt before version 1.5.3. This vulnerability allows for arbitrary file writes, which can lead to local privilege escalation to the GruntJS user...

7.8CVSS7.2AI score0.00296EPSS
Exploits1References1
NVD
NVD
added 2026/06/09 9:16 a.m.9 views

CVE-2026-7542

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via the adminfoote...

6.5CVSS0.00252EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/09 7:49 a.m.5 views

CVE-2026-7542

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via the adminfoote...

6.5CVSS5.3AI score0.00252EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/09 7:49 a.m.12 views

EUVD-2026-35376

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to and including 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via t...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.7 views

CVE-2026-45403

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the AnythingLLM agent filesystem copy tool validates only the top-level source and destination paths. The recursive copy helper then descends into child...

2.5CVSS5.4AI score0.00193EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/06/03 1:18 p.m.105 views

Exploit for Improper Access Control in Proftpd

OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-W...

10CVSS6.2AI score0.96803EPSS
Exploits21
Vulnrichment
Vulnrichment
added 2026/06/01 4:52 p.m.9 views

CVE-2026-45279 Nextcloud: Limited path traversal via template API if using `{lang}` in config

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.14, and 32.0.0 to before 32.0.4, if lang is used in the template directory config value, non-admin users can in some cases copy arbitrary files depending on unix permissions into...

4.4CVSS5.9AI score0.00392EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/05/21 4:30 p.m.20 views

java-25-openjdk security update

An update is available for java-25-openjdk. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime...

8.2CVSS6.8AI score0.01052EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2026/05/15 4:0 p.m.8 views

CVE-2026-44641 Microsoft APM: plugin.json component paths escape plugin root and copy arbitrary host files during install

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/07 9:41 p.m.9 views

Microsoft APM CLI's plugin.json component paths escape plugin root and copy arbitrary host files during install

Summary Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents, skills, commands, and hooks are attacker-controlled, but the implementation does not enforce that those paths remain inside the plugin directory. A...

7.1CVSS5.9AI score0.00351EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.4 views

Cisco Adaptive Security Appliance (ASA) Software Multiple Context File Copy (cisco-sa-asa-scpcxt-filecpy-rgeP73nE)

According to its self-reported version, Cisco ASA Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

7.2CVSS5.8AI score0.0012EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/04/23 12:0 a.m.15 views

Important: java-21-openjdk security update

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016 JDK:...

7.5CVSS7.7AI score0.00702EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.8 views

uutils coreutils has a Link Following issue

A Time-of-Check to Time-of-Use TOCTOU vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the ONOFOLLOW flag. An attacker with...

4.7CVSS5.6AI score0.00105EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.4 views

PT-2026-26177

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and below Description SiYuan, a personal knowledge management system, has an issue where the /api/lute/html2BlockDOM endpoint on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace...

9.9CVSS5.8AI score0.00414EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25856

Name of the Vulnerable Software and Affected Versions File Browser versions 2.61.2 and below Description File Browser, a file managing interface, has an issue where an authenticated user with Create or Rename permissions can bypass administrator-configured deny rules. This is due to the order in...

6.5CVSS5.8AI score0.00387EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:22 p.m.6 views

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

7.2CVSS6AI score0.0012EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/02/05 3:20 a.m.5 views

GO-2026-4396 OpenList vulnerable to Path Traversal in file copy and remove handlers in github.com/OpenListTeam/OpenList

OpenList vulnerable to Path Traversal in file copy and remove handlers in github.com/OpenListTeam/OpenList...

8.8CVSS5.4AI score0.00598EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.7 views

PT-2026-6520

OpenList vulnerable to Path Traversal in file copy and remove handlers in github.com/OpenListTeam/OpenList...

8.8CVSS5.5AI score0.00598EPSS
Exploits1References7
Rows per page
Query Builder