Lucene search
+L

94109 matches found

EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-45151

The Altiris WMI provider exposes a class AltirisAgentStream that allows any local standard user to read the contents of any file accessible to the SYSTEM account, bypassing filesystem ACLs. No admin privileges required. The provider reverts to the LocalSystem context when servicing WMI queries...

5.1CVSS5.2AI score
Exploits0References2
NVD
NVD
added 3 hours ago3 views

CVE-2026-15379

The Altiris WMI provider exposes a class AltirisAgentStream that allows any local standard user to read the contents of any file accessible to the SYSTEM account, bypassing filesystem ACLs. No admin privileges required. The provider reverts to the LocalSystem context when servicing WMI queries...

5.1CVSS
Exploits0References1
CVE
CVE
added 4 hours ago6 views

CVE-2026-15379

CVE-2026-15379 : The Altiris WMI provider exposes the AltirisAgent_Stream class, allowing any local standard user to read files accessible to the SYSTEM context, bypassing filesystem ACLs. The provider uses LocalSystem context for WMI queries without re-impersonating the caller, enabling read acc...

5.1CVSS5.3AI score
Exploits0References1
CVE
CVE
added 11 hours ago6 views

CVE-2026-62230

Grav

8.7CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added 11 hours ago4 views

EUVD-2026-45118

Grav before 2.0.4 ships a default .htaccess and reference webserver-configs/htaccess.txt whose rules blocking access to sensitive file types .yaml, .php, .json, etc. lack the NC flag, making extension matching case-sensitive. On case-insensitive filesystems Windows/NTFS, macOS/HFS+, or Docker...

8.7CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-55629

CVE-2026-55629 affects Whistle (HTTP/HTTP2/HTTPS/WebSocket proxy). Before 2.10.3, the code path in lib/service/service.js for GET /cgi-bin/temp/get uses req.query.filename and joins it to TEMP_FILES_PATH only if it matches the temp-file pattern; otherwise it passes the user-supplied filename to g...

8.7CVSS6.2AI score
Exploits0References3
CVE
CVE
added yesterday8 views

CVE-2026-53536

Activepieces (open source AI workflow automation) exposed a cross-tenant file exposure vulnerability prior to version 0.83.0. The /v1/step-files/signed download endpoint validated the JWT against the shared signing secret but did not check the token’s audience and, due to a missing null-check on ...

5.3CVSS6.1AI score
Exploits0References4
CVE
CVE
added yesterday9 views

CVE-2026-6511

CVE-2026-6511 : Lenovo Smart Connect for Windows is reported to have an improper access control vulnerability that could allow a local authenticated user to access files owned by another user on the same system. The issue is described as local, with low attack complexity and the attack requires l...

6.8CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-44974

During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system...

6.8CVSS6.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-6511

During an internal security assessment, a potential improper access control vulnerability was discovered in Lenovo Smart Connect for Windows that could allow a local authenticated user to access files owned by a different user on the same system...

6.8CVSS6.1AI score
Exploits0References3
CVE
CVE
added yesterday7 views

CVE-2026-59863

Kiota (OpenAPI-based HTTP client code generator) prior to version 1.32.5 mishandled the poisoned .kiota/workspace.json workspace configuration by not validating per-client or per-plugin outputPath values during kiota client generate and kiota plugin generate. This could allow an attacker (e.g., v...

7CVSS6.2AI score
Exploits0References4
CVE
CVE
added yesterday9 views

CVE-2026-12391

In Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools), a symlink-following flaw in the pro collect-logs workflow allows a local, unprivileged user to influence a predictable temporary path. By creating a symlink to a root-owned file (e.g., /etc/shadow) at that destination, an administr...

5CVSS6.1AI score
Exploits0References1
Nuclei
Nuclei
added yesterday485 views

Sonatype Nexus Repository Manager 3 - Local File Inclusion

Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. id: CVE-2024-4956 info: name: Sonatype Nexus Repository Manager 3 - Local File Inclusion author: ritikchaddha severity: high description: | Path Traversal in Sonatype...

7.5CVSS7AI score0.18245EPSS
Exploits16References4
Nuclei
Nuclei
added yesterday47 views

Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion

A directory traversal vulnerability in the J!WHMCS Integrator comjwhmcs component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1977 info: name: Joomla! Component J!WHMCS Integrator 1.5.0 - Local File...

7.5CVSS6.2AI score0.07402EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday19 views

Zimbra - Cross-Site Scripting via ICS Files

Detects Zimbra Collaboration Suite versions vulnerable to CVE-2025-27915, a stored XSS vulnerability in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an email with a malicious ICS entry, embedded JavaScript executes via an ontoggle event...

5.4CVSS6.7AI score0.04344EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday87 views

Clustering Local File Inclusion

Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access. id: CVE-2021-43496 inf...

7.5CVSS7.2AI score0.15689EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday131 views

GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.

Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. id: CVE-2021-43778 info: name: GLPI plugin Barcode 2.6.1 - Path Traversal Vulnerability. author:...

9.1CVSS7AI score0.52658EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday47 views

Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion

A directory traversal vulnerability in the Preventive & Reservation compreventive component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1475 info: name: Joomla...

6.8CVSS6.2AI score0.09471EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday23 views

MPDV Mikrolab GmbH HYDRA X, MIP 2 & FEDRA 2 - Path Traversal

MPDV Mikrolab GmbH HYDRA X, MIP 2, and FEDRA 2 = Maintenance Pack 36 with Servicepack 8 week 36/2025 contain an unauthenticated local file disclosure vulnerability caused by improper validation of the "Filename" parameter in the public $SCHEMAS$ resource, letting attackers read arbitrary Windows ...

7.5CVSS7.1AI score0.03625EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday59 views

Onkyo TX-NR585 Web Interface - Directory Traversal

Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion. id: CVE-2020-12447 info: name: Onkyo TX-NR585 Web Interface - Directory Traversal author: 0xAkoko severity: high...

7.5CVSS7AI score0.14071EPSS
Exploits1References4
Rows per page
Query Builder