Lucene search
K

79 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/03 8:35 p.m.6 views

CVE-2026-58293

External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.1CVSS6.1AI score0.00438EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.5 views

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.1CVSS6.1AI score0.00438EPSS
Exploits0
NVD
NVD
added 2026/07/03 3:16 a.m.12 views

CVE-2026-8921

External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information...

8.5CVSS0.00124EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 2:0 a.m.8 views

EUVD-2026-41483

External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information...

8.5CVSS6.2AI score0.00124EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:0 a.m.7 views

CVE-2026-8921

External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information...

8.5CVSS6.2AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2026/07/03 2:0 a.m.19 views

CVE-2026-8921

The CVE-2026-8921 entry concerns ASUS Business Manager. It describes an External Control of File Name or Path vulnerability that allows a local user to execute arbitrary code with SYSTEM privileges by sending a tampered IPC message. Affected product is ASUS Business Manager; the root cause is con...

8.5CVSS6.2AI score0.00124EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/27 12:12 a.m.7 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the patch-remove process. An attacker can cause deletion of arbitrary files outside the intended directory by crafting a patch entry that resolves outside the configured patches directory...

7.1CVSS5.9AI score0.00257EPSS
Exploits1References3
Snyk
Snyk
added 2026/06/27 12:2 a.m.7 views

External Control of File Name or Path

Overview @pnpm/installing.deps-restorer is a Fast installation using only pnpm-lock.yaml Affected versions of this package are vulnerable to External Control of File Name or Path via the lockfile alias handling process. An attacker can overwrite files or directories outside the intended nodemodul...

7.1CVSS5.8AI score0.00262EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.40 views

PT-2026-48038

Name of the Vulnerable Software and Affected Versions Azure Stack Edge affected versions not specified Description External control of a file name or path allows an unauthorized attacker to execute arbitrary code over a network. Recommendations At the moment, there is no information about a newer...

10CVSS6.2AI score0.00753EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/03 9:15 p.m.9 views

External Control of File Name or Path

Overview docling-core is an A python library to define and validate data types in Docling. Affected versions of this package are vulnerable to External Control of File Name or Path in the pilimage function, when handling image reference URIs. An attacker can access local files using the file://...

8.1CVSS5.5AI score0.0004EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/03 9:15 p.m.12 views

External Control of File Name or Path

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to External Control of File Name or Path in backend/htmlbackend.py‎, which ...

7.1CVSS5.5AI score0.00217EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/28 5:44 p.m.7 views

External Control of File Name or Path

Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to External Control of File Name or Path via the -o/--output argument in the trestle author jinja. An attacker can overwrite arbitra...

8.6CVSS5.8AI score0.0005EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/13 9:32 p.m.10 views

EUVD-2026-30111

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.52 views

CVE-2026-40370

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...

8.8CVSS6AI score0.00555EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:17 p.m.8 views

CVE-2026-41088

Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00319EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.13 views

CVE-2026-40370

External control of file name or path in SQL Server allows an authorized attacker to execute code over a network...

8.8CVSS6AI score0.00555EPSS
Exploits0References2Affected Software10
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.7 views

CVE-2026-41107

External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...

7.4CVSS5.8AI score0.00652EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:58 p.m.8 views

CVE-2026-41088

Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software10
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.9 views

Azure Monitor Agent Elevation of Privilege Vulnerability

External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00285EPSS
Exploits0
Snyk
Snyk
added 2026/05/05 9:15 p.m.14 views

External Control of File Name or Path

Overview @evomap/evolver is an A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol GEP for auditable, reusable evolution assets. Affected versions of this package are vulnerable to External Control of File Name or Path via the fetch...

8.8CVSS6.1AI score
Exploits0References2
Rows per page
Query Builder