Lucene search
K

4 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.10 views

CVE-2026-58166

OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to write or delete arbitrary files by supplying a malicious multipart filename in the file upload endpoint. Attackers can send a crafted filename containing...

9.1CVSS0.00628EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.6 views

Check Point Harmony SASE 安全漏洞

Check Point Harmony SASE is a Secure Access Service edge application from Check Point Israel. A security vulnerability exists in Check Point Harmony SASE that originates when a local user can trigger a client to write or delete files outside of the expected certificate working directory...

7.5CVSS6.5AI score0.00072EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:51 a.m.7 views

CVE-2022-42002

SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete...

9.1CVSS7.1AI score0.01036EPSS
Exploits1References1
OSV
OSV
added 2024/10/09 7:52 p.m.6 views

CVE-2024-7037 Arbitrary File Write/Delete Leading to RCE in open-webui/open-webui

In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHEDIR. This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote cod...

6.5CVSS7AI score0.01032EPSS
Exploits1References3
Rows per page
Query Builder