PT-2026-48463

Summary Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh ssh sftpd module allows File Discovery. The SSH FXP READLINK handler in ssh sftpd sends the raw result of file:read link/2 to the client without calling chroot filename/2 to strip the backend root...

EUVD-2025-209053

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

CVE-2025-55265

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

CVE-2025-55265 HCL Aftermarket DPC is affected by File Discovery

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

CVE-2025-55265 HCL Aftermarket DPC is affected by File Discovery

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

CVE-2025-55265

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensitive files present in the system and may use it to craft further attacks...

PT-2026-28290

Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description HCL Aftermarket DPC is susceptible to a File Discovery issue. An attacker could exploit this to read sensitive files present on the system and potentially use them to plan further...

Exploit for Race Condition in Canonical Ubuntu_Linux

500+ Pentest One-Liners & Commands for Every Hacking Scenario...

EUVD-2005-1653

Malware in sbrugna...

EUVD-2018-0133

Malware in sbrugna...

EUVD-2022-40054

Malicious code in bioql PyPI...

EUVD-2024-48621

Malicious code in bioql PyPI...

EUVD-2023-46278

Malicious code in bioql PyPI...

CVE-2022-23113

Jenkins Publish Over SSH Plugin 1.22 and earlier performs a validation of the file name specifying whether it is present or not, resulting in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files...

GHSA-98CV-WQJX-WX8F sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders

Summary Users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . PoC As root: mkdir /tmp/foo chmod a-rwx /tmp/foo touch /tmp/foo/secretfile As a user without any or limited sudo rights: $ sudo --list...

sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders

Summary Users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . PoC As root: mkdir /tmp/foo chmod a-rwx /tmp/foo touch /tmp/foo/secretfile As a user without any or limited sudo rights: $ sudo --list...

CVE-2025-46717 sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . Users with local access to a machine can discover the...

Apache HTTPD Mod_negotiation Filename Bruter

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework modnegotiation bruter http://httpd.apache.org/docs/1.3/content-negotiation.html class MetasploitModule 'Apache HTTPD modnegotiation Filename Bruter', 'Description' = %q...

CVE-2024-7744

In WSFTP Server versions before 8.8.8 2022.0.8, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has...

CVE-2024-7744 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Progress WS_FTP Server

In WSFTP Server versions before 8.8.8 2022.0.8, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has...