Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-1556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to...

6.9CVSS5.9AI score0.00391EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 12:31 a.m.8 views

EUVD-2026-16422

Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...

6.9CVSS5.8AI score0.00391EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/26 10:58 p.m.4 views

CVE-2026-1556

A flaw was found in Drupal File Field Paths. This information disclosure vulnerability allows authenticated users to disclose other users’ private files. This can be exploited by performing filename-collision uploads, which causes the system to receive incorrect file Uniform Resource Identifiers...

7.7CVSS5.7AI score0.00391EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/03/26 10:16 p.m.8 views

CVE-2026-1556

Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...

6.9CVSS5.8AI score0.00391EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 9:14 p.m.6 views

CVE-2026-1556

Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...

6.9CVSS5.8AI score0.00391EPSS
Exploits1References3Affected Software1
Snyk
Snyk
added 2025/07/07 10:44 a.m.2 views

Expected Behavior Violation

Overview llama-index-readers-papers is a llama-index readers papers integration Affected versions of this package are vulnerable to Expected Behavior Violation via the ArxivReader process. An attacker can cause data loss by uploading papers with identical titles but different contents, resulting ...

6.9CVSS6.9AI score0.00281EPSS
Exploits1References2
OSV
OSV
added 2021/09/14 1:15 a.m.2 views

DEBIAN-CVE-2021-41072

squashfsopendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create th...

8.1CVSS6.5AI score0.02136EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2020/03/26 12:0 a.m.29 views

openSUSE Security Update : nghttp2 (openSUSE-2020-379)

This update for nghttp2 fixes the following issues : nghttp2 was update to version 1.40.0 bsc1166481 - lib: Add nghttp2checkauthority as public API - lib: Fix the bug that stream is closed with wrong error code - lib: Faster huffman encoding and decoding - build: Avoid filename collision of stati...

9.8CVSS7.3AI score0.02457EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/03/20 12:0 a.m.24 views

SUSE SLED15 / SLES15 Security Update : nghttp2 (SUSE-SU-2020:0722-1)

This update for nghttp2 fixes the following issues : nghttp2 was update to version 1.40.0 bsc1166481 lib: Add nghttp2checkauthority as public API lib: Fix the bug that stream is closed with wrong error code lib: Faster huffman encoding and decoding build: Avoid filename collision of static and...

9.8CVSS7.3AI score0.02457EPSS
Exploits1References5
Rows per page
Query Builder