Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

62 matches found

AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: add NULL check in automountfullpath page is checked for null in buildpathfromdentryoptionalprefix when tcon-originfullpath is not set. However, the check is missing when it is set. Add a check to prevent a potential...

5.5CVSS5.8AI score0.00052EPSS
Exploits0References2
CNVD
CNVDadded 2026/01/09 12:0 a.m.1 views

TinyFileManager Path Traversal Vulnerability

TinyFileManager is a web-based file manager. It is used to store, upload, edit and manage files and folders online through a web browser. TinyFileManager has a path traversal vulnerability that stems from the parameter fullpath in the file tinyfilemanager.php failing to correctly filter special...

7.2CVSS5.8AI score0.00139EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2025/12/29 2:3 p.m.1 views

CVE-2025-15138

A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and...

7.2CVSS4.7AI score0.00139EPSS
Exploits1References1
NVD
NVDadded 2025/12/28 2:16 p.m.1 views

CVE-2025-15138

A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and...

7.2CVSS0.00139EPSS
Exploits1References4
OSV
OSVadded 2025/12/28 2:16 p.m.1 views

CVE-2025-15138

A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and...

7.2CVSS6.3AI score
Exploits0References4
EUVD
EUVDadded 2025/12/28 1:32 p.m.1 views

EUVD-2025-205510

A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and...

5.8CVSS4.5AI score0.00139EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/12/28 1:32 p.m.15 views

CVE-2025-15138 prasathmani TinyFileManager tinyfilemanager.php path traversal

A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and...

5.8CVSS0.00139EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/12/28 1:32 p.m.1 views

CVE-2025-15138 prasathmani TinyFileManager tinyfilemanager.php path traversal

A flaw has been found in prasathmani TinyFileManager up to 2.6. Affected by this issue is some unknown functionality of the file tinyfilemanager.php. This manipulation of the argument fullpath causes path traversal. Remote exploitation of the attack is possible. The exploit has been published and...

5.8CVSS6AI score0.00139EPSS
Exploits1References4
CVE
CVEadded 2025/12/28 1:32 p.m.12 views

CVE-2025-15138

TinyFileManager up to version 2.6 contains a path traversal flaw caused by manipulating the fullpath parameter in tinyfilemanager.php. The issue enables remote exploitation, with exploits published and the vendor reportedly unresponsive to disclosure. Public documents do not specify a patch versi...

7.2CVSS6AI score0.00139EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2025/12/28 12:0 a.m.1 views

TinyFileManager 路径遍历漏洞

TinyFileManager is a web-based file manager. It is used to store, upload, edit and manage files and folders online through a web browser. TinyFileManager has a path traversal vulnerability that stems from the parameter fullpath in the file tinyfilemanager.php failing to correctly filter special...

7.2CVSS5.8AI score0.00139EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/10/16 1:41 a.m.3 views

CVE-2024-13991

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS9.2AI score0.00552EPSS
Exploits0References1
NVD
NVDadded 2025/10/15 2:15 a.m.4 views

CVE-2024-13991

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS0.00552EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/10/15 1:21 a.m.2 views

CVE-2024-13991 Huijietong Cloud Video Platform fileDownload Arbitrary File Read

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS9.1AI score0.00552EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/15 1:21 a.m.1 views

EUVD-2024-55036

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS6.7AI score0.00552EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/10/15 12:0 a.m.1 views

PT-2025-42221

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS7.1AI score0.00552EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/10/15 12:0 a.m.1 views

HuiJieTong Cloud Video Platform 安全漏洞

HuiJieTong Cloud Video Platform is a cloud video platform from China-based HuiJieTong. A security vulnerability exists in HuiJieTong Cloud Video Platform, which can be exploited by an unauthenticated attacker to provide an arbitrary file path to the fullPath parameter of the...

8.7CVSS9.1AI score0.00552EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEVadded 2025/10/14 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-13991

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker can supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

8.7CVSS5.9AI score0.00552EPSS
In wildExploits0References141
Snyk
Snykadded 2025/08/20 6:45 p.m.4 views

External Control of File Name or Path

Overview @directus/api is a real-time API and App dashboard for managing SQL database content Affected versions of this package are vulnerable to External Control of File Name or Path via the write and join method, which used the fullPath method to create the absolute path. An attacker can upload...

9.3CVSS7.8AI score0.0016EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/08/09 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-38208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: add NULL check in automountfullpath page is checked for null in buildpathfromdentryoptionalprefix when tcon-originfullpath is not set. However, the...

5.5CVSS6.1AI score0.00052EPSS
Exploits0References3
Microsoft CVE
Microsoft CVEadded 2025/08/07 7:0 a.m.1 views

smb: client: add NULL check in automount_fullpath

...

5.9CVSS6.8AI score0.00052EPSS
Exploits0
Rows per page
Query Builder