Lucene search
K

18 matches found

Cvelist
Cvelist
added 2026/06/15 12:0 a.m.30 views

CVE-2026-50877

An issue in Zhoros SuperBin v1.0.0 allows attackers to execute a directory traversal via supplying files with names containing traversal characters...

0.00577EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/07 9:8 p.m.1 views

CVE-2026-34371 LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...

6.3CVSS6AI score0.00258EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/07 9:8 p.m.7 views

CVE-2026-34371

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...

6AI score0.00258EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/04/07 9:8 p.m.20 views

CVE-2026-34371 LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal

LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...

6.3CVSS0.00258EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/01 7:51 p.m.3 views

CVE-2026-34750 Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints

Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...

6.5CVSS5.8AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2026/03/23 9:17 p.m.11 views

CVE-2026-23484

Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the fileName parameter is not filtered, allowing path traversal to write files anywhere on the file system. Moreover, this interface only requires authProcedure normal user, not superAdminAuthMiddleware. At time o...

6.5CVSS0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/04 11:5 p.m.5 views

CVE-2025-22873 Improper access to parent directory of root in os

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

5.4AI score0.00238EPSS
Exploits0References4
OSV
OSV
added 2026/01/29 4:9 p.m.4 views

SUSE-SU-2026:20195-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396. - CVE-2026-24883: denial of service due to long signature packet length causing parsesignature to return success with sig-data set to a NULL...

8.4CVSS6.2AI score0.00447EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.9 views

MiracleLinux 7 : ruby-2.0.0.648-36.el7 (AXSA:2019-4276:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4276:03 advisory. ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by large request in WEBrick CVE-2018-8777 ruby: Buffer under-read in Stringunpack...

9.8CVSS6.9AI score0.10552EPSS
Exploits0References10
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.144 views

ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal', 'Description' = %q This module exploits a directory traversal vulnerabili...

7.4AI score
Exploits0
OSV
OSV
added 2023/03/24 3:15 p.m.5 views

PYSEC-2023-29

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1...

9.8CVSS5.5AI score0.69468EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.4 views

PT-2023-16171 · Froxlor · Froxlor

Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.0 Description: The issue is related to Path Traversal, where the sequence '..filename' can be used to access files outside the intended directory. This affects the GitHub repository froxlor/froxlor...

6.8CVSS5.8AI score0.00729EPSS
Exploits2References8
CNNVD
CNNVD
added 2022/07/05 12:0 a.m.4 views

Fortinet FortiClient 路径遍历漏洞

Fortinet FortiClient is a structured agent from Fortinet, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client. A path traversal vulnerability exists in Fortinet FortiClient that stems from an input validation error when processing a director...

7.8CVSS7.5AI score0.00495EPSS
Exploits0References4
OSV
OSV
added 2021/08/27 3:15 p.m.4 views

UBUNTU-CVE-2021-40153

squashfsopendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations...

8.1CVSS6.7AI score0.025EPSS
Exploits1References8
OSV
OSV
added 2019/09/17 3:15 p.m.5 views

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...

6.5CVSS5.8AI score0.02195EPSS
Exploits1References3
CNVD
CNVD
added 2018/03/15 12:0 a.m.7 views

SecurEnvoy SecurMail Directory Traversal Vulnerability

SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A directory traversal vulnerability exists in SecurEnvoy SecurMail versions prior to 9.2.501. A remote attacker can send a directory traversal vulnerability to the secupload2/upload.aspx file by sending a file with the '...' sequen...

8.1CVSS7AI score0.06321EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2010/08/02 8:17 p.m.7 views

tomcat: unexpected file deletion in work directory

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename...

4.3CVSS5.8AI score0.1078EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2010/01/21 12:0 a.m.11 views

PT-2010-1277 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 5.5.0 through 5.5.28 Apache Tomcat versions 6.0.0 through 6.0.20 Description: The issue allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename. When deploying WAR file...

7.5CVSS5.3AI score0.9444EPSS
Exploits38References115
Rows per page
Query Builder