Lucene search
K

12 matches found

Snyk
Snyk
added 2026/03/16 6:47 p.m.5 views

Files or Directories Accessible to External Parties

Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties through the importStdMd import process in kernel/api/import.go. An attacker can import data from sensitive or unintended local paths and potentially access or expose local files by...

8.2CVSS5.8AI score0.00431EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/27 3:23 p.m.6 views

CVE-2025-59105

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

7CVSS5.9AI score0.00097EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/11 12:30 p.m.20 views

EUVD-2025-33845

The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 0.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

5.3CVSS5.7AI score0.00293EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/11 9:28 a.m.26 views

CVE-2025-8484 Code Quality Control Tool <= 2.1 - Unauthenticated Information Exposure via Log Files

The Code Quality Control Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in version 2.1 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files...

5.3CVSS0.00293EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.6 views

PT-2025-35832

Name of the Vulnerable Software and Affected Versions XWiki Platform versions 4.2-milestone-2 through 16.10.6 Description The XWiki Platform is a generic wiki platform. Configuration files are accessible through jsx and sx endpoints. An attacker can access and read configuration files using URLs...

9.3CVSS6.5AI score0.01639EPSS
Exploits0References17
Cvelist
Cvelist
added 2025/08/21 8:9 p.m.15 views

CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal

Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the viewhelp.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...

8.7CVSS0.01088EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/03 12:0 a.m.5 views

S3Proxy 路径遍历漏洞

S3Proxy is an S3 API from the individual developer Andrew Gaul. A path traversal vulnerability exists in S3Proxy versions prior to 2.6.0, which stems from the fact that the filesystem and filesystem-nio2 storage backends may inadvertently expose local files to users...

6CVSS6.3AI score0.00528EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2024/10/07 8:4 a.m.10 views

A week in security (September 30 &#8211; October 6)

Last week on Malwarebytes Labs: Facebook and Instagram passwords were stored in plaintext, Meta fined Android users targeted on Facebook and porn sites, served adware Fake Disney+ activation page redirects to pornographic scam Radiology provider exposed tens of thousands of patient files Not Blac...

7.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/02 2:15 p.m.9 views

CVE-2022-26975

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication...

7.5CVSS5.8AI score0.00939EPSS
Exploits0References3
OSV
OSV
added 2022/01/28 8:15 p.m.2 views

CVE-2022-22790

SYNEL - eharmony Directory Traversal. Directory Traversal - is an attack against a server or a Web application aimed at unauthorized access to the file system. on the "Name" parameter the attacker can return to the root directory and open the host file. The path exposes sensitive files that users...

7.5CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2020/06/24 11:15 p.m.4 views

UBUNTU-CVE-2020-15005

In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the imgauth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because...

3.1CVSS5.8AI score0.01302EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2004/08/09 12:0 a.m.68 views

thttpd 2.0.7 Directory Traversal (Windows)

The remote web server fails to limit requests to items within the document directory. An attacker may exploit this flaw to read arbitrary files on the remote system with the privileges of the http process. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid14229;...

5CVSS5.6AI score0.03623EPSS
Exploits1References2
Rows per page
Query Builder