21 matches found
EUVD-2020-23785
Malware in sbrugna...
EUVD-2023-2577
Malicious code in bioql PyPI...
EUVD-2022-5449
Malicious code in bioql PyPI...
EUVD-2022-25613
Malicious code in bioql PyPI...
EUVD-2022-28398
Malicious code in bioql PyPI...
PT-2025-30640 · WordPress · The Security Ninja – WordPress Security Plugin & Firewall
Name of the Vulnerable Software and Affected Versions: The Security Ninja – WordPress Security Plugin & Firewall versions prior to 5.243. Description: The Security Ninja – WordPress Security Plugin & Firewall plugin for WordPress is susceptible to an arbitrary file read issue. This allows...
CVE-2024-28198
OpenOlat is an open source web-based e-learning platform for teaching, learning, assessment and communication. By manually manipulating HTTP requests when using the draw.io integration, it is possible to read arbitrary files as the configured system user and to perform SSRF. The problem is fixed in version...
CVE-2023-24487
Arbitrary file read in Citrix ADC and Citrix Gateway...
CVE-2022-22279
A post-authentication arbitrary file read vulnerability impacting end-of-life Secure Remote Access SRA products and older firmware versions of Secure Mobile Access SMA 100 series products, specifically the SRA appliances running all 8.x, 9.0.0.5-19sv and earlier versions and Secure Mobile Access...
CVE-2022-20467
In isBluetoothShareUri of BluetoothOppUtility.java, there is a possible incorrect file read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11...
CVE-2025-2777
Summary: CVE-2025-2777 affects SysAid On-Prem versions ≤ 23.3.40, with an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing endpoint. This can enable administrator account takeover and arbitrary file read primitives, per multiple sources in the connected documents. Wh...
CVE-2025-2775
CVE-2025-2775 affects SysAid On-Prem versions
CVE-2025-3295
The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive...
CVE-2025-31800 WordPress Publitio plugin <= 2.1.8 - Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in publitio Publitio allows Path Traversal. This issue affects Publitio: from n/a through 2.1.8...
PT-2024-35727 · Devika · Devika
Name of the Vulnerable Software and Affected Versions: stitutionai/devika version latest. Description: A local file read issue exists due to improper handling of the snapshot path parameter in the "/api/get-browser-snapshot" endpoint. An attacker can exploit this by crafting a request with a...
CVE-2024-28198
OpenOLAT contains an XXE/SSRF vulnerability in the draw.io integration that allows an attacker to read arbitrary files as the system user by manipulating HTTP requests. Affected versions are OpenOLAT prior to 18.1.6 and prior to 18.2.2. The issue is fixed in 18.1.6 and 18.2.2; users should upgrad...
PT-2023-12649 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13. Description: The issue is related to a possible incorrect file read due to a confused deputy in the isBluetoothShareUri function of BluetoothOppUtility.java. This could lead to local information...
NetEx HyperIP Privilege Escalation Vulnerability
Vulnerability Details. Affected Vendor: NetEx; Affected Product: HyperIP; Affected Version: 6.1.0; Platform: Embedded Linux; CWE Classification: CWE-592: Authentication Bypass Issues; Impact: Privilege Escalation; Attack vector: HTTPS. 2. Vulnerability Description: Privileges can be escalated by abusing...
Mandriva Linux Security Advisory : tomcat (MDVSA-2015:084)
Updated tomcat package fixes security vulnerabilities: It was discovered that the Apache Commons FileUpload package for Java could enter an infinite loop while processing a multipart request with a crafted Content-Type, resulting in a denial-of-service condition (CVE-2014-0050). Apache Tomcat 7.x...
Mac OS X : Apple Safari < 6.1.3 / 7.0.3 Multiple Vulnerabilities
The version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.1.3 or 7.0.3. It is, therefore, potentially affected by the following vulnerabilities related to the included WebKit components: - Unspecified errors exist that could allow memory corruption, application...