Lucene search
K

38 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-14022

Malware in sbrugna...

6.5CVSS6.6AI score0.00304EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-8793

Malware in sbrugna...

7.2CVSS7AI score0.01144EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-19094

Malware in sbrugna...

7.5CVSS7.6AI score0.01488EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35495

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00701EPSS
Exploits0References1
OSV
OSV
added 2025/06/27 6:0 a.m.4 views

CVE-2025-5526 BuddyPress Docs < 2.2.5 - Subscriber+ Arbitrary Document Read/Update

The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user...

4.3CVSS5.9AI score0.00219EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/14 2:24 p.m.7 views

CVE-2025-49183

All communication with the REST API is unencrypted HTTP, allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files...

7.5CVSS7.4AI score0.00261EPSS
Exploits0References1
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.83 views

Important: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file...

9.8CVSS8.2AI score0.78483EPSS
Exploits6References6
OSV
OSV
added 2023/10/17 12:0 a.m.46 views

ALSA-2023:5763 Important: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: a heap-based buffer overflow in the SOCKS5 proxy handshake CVE-2023-38545 curl: cookie injection with none file...

9.8CVSS8.8AI score0.78483EPSS
Exploits6References6
NVD
NVD
added 2023/08/25 8:15 a.m.15 views

CVE-2023-32756

e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...

7.5CVSS7.6AI score0.00871EPSS
Exploits0References1
Prion
Prion
added 2023/08/25 8:15 a.m.22 views

Path traversal

e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...

5CVSS7.6AI score0.00871EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/25 7:14 a.m.14 views

CVE-2023-32756 e-Excellence U-Office Force - Path Traversal

e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...

7.5CVSS7.8AI score0.00871EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/25 7:14 a.m.16 views

CVE-2023-32756 e-Excellence U-Office Force - Path Traversal

e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service...

7.5CVSS7.2AI score0.00871EPSS
Exploits0References1
AlmaLinux
AlmaLinux
added 2023/08/01 12:0 a.m.204 views

Moderate: curl security update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: IDN wildcard match may lead to Improper Cerificate Validation CVE-2023-28321 curl: more POST-after-PUT confusion...

5.9CVSS7AI score0.02211EPSS
Exploits2References6
BDU FSTEC
BDU FSTEC
added 2022/06/08 12:0 a.m.7 views

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software lies in the improper limitation of the path name to the restricted access directory. This allows a malicious actor to load any file into any directory of the file system.

The vulnerability of HID Mercury programmable logic controllers’ microprogramming software is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to download any file into any directory of the file system b...

9.1CVSS7.8AI score0.01627EPSS
Exploits0References7Affected Software9
OSV
OSV
added 2021/11/09 9:38 a.m.33 views

RLSA-2021:4511 Moderate: curl security and bug fix update

The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: Leak of authentication credentials in URL via automatic Referer CVE-2021-22876 curl: TELNET stack contents disclosure...

3.7CVSS6.1AI score0.05301EPSS
Exploits3References5
NVD
NVD
added 2020/11/17 9:15 p.m.14 views

CVE-2020-26549

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...

7.5CVSS7.5AI score0.01488EPSS
Exploits1References1
Prion
Prion
added 2020/11/17 9:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...

5CVSS7.5AI score0.01488EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/17 8:24 p.m.14 views

CVE-2020-26549

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...

7.5AI score0.01488EPSS
Exploits1References1
NVD
NVD
added 2020/09/30 6:15 p.m.32 views

CVE-2020-13953

In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run...

5.3CVSS0.02651EPSS
Exploits0References2
Veracode
Veracode
added 2020/08/06 9:29 p.m.21 views

Authorization Bypass

firefox is vulnerable to authorization bypass. The vulnerability exists as the code for downloading files did not validate special characters, allowing the file path to be cut off earlier, resulting in the downloading of a different file...

6.5CVSS4.6AI score0.01202EPSS
Exploits0References6Affected Software7
Rows per page
Query Builder