Lucene search

15 matches found

Snyk
added 2026/03/02 8:15 p.m. · 1 view

Directory Traversal

Overview: github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Directory Traversal due to improper handling of BasePathFs by the withHashFile middleware. An attacker can access and download files outside the intended shared directory...

CVSS 7.1 · AI score 6.2 · EPSS 0.00048
Exploits: 1 · References: 2
CVE
added 2025/08/09 2:2 a.m. · 24 views

CVE-2025-55013

The CVE-2025-55013 issue affects Assemblyline 4 Service Client. The task_handler.py component accepts a SHA-256 value from the server and uses it directly as a local filename, enabling a path traversal when the server (or a MITM) returns a payload like ../../../etc/cron.d/evil. This can cause the...

CVSS 4.2 · AI score 7 · EPSS 0.00036
Exploits: 0 · References: 2
GithubExploit
added 2025/06/13 5:8 a.m. · 351 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071-POC-NTLMHashDisclosure - Triggers automatic SMB...

CVSS 6.5 · AI score 7.7 · EPSS 0.74072
Exploits: 20
RedhatCVE
added 2025/05/23 4:10 a.m. · 5 views

CVE-2023-47579

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system...

CVSS 7.5 · AI score 7 · EPSS 0.00209
Exploits: 0
Microsoft KB
added 2024/04/09 7:0 a.m. · 34 views

Description of the security update for SharePoint Server Subscription Edition: April 9, 2024 (KB5002581)

Description of the security update for SharePoint Server Subscription Edition: April 9, 2024 (KB5002581). Summary: This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

CVSS 6.8 · AI score 6.9 · EPSS 0.00393
Exploits: 0
NVD
added 2023/12/13 2:15 a.m. · 15 views

CVE-2023-47579

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system...

CVSS 7.5 · EPSS 0.00209
Exploits: 0 · References: 1
Vulnrichment
added 2023/12/13 12:0 a.m. · 8 views

CVE-2023-47579

Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system...

AI score 7.2 · EPSS 0.00209
Exploits: 0 · References: 1
CVE
added 2023/12/13 12:0 a.m. · 23 views

CVE-2023-47579

CVE-2023-47579 affects Relyum RELY-PCIe devices (version 22.2.1). The root cause is a system group misconfiguration that permits read access to the operating system’s central password hash file. Public sources in the connected documents consistently describe an information disclosure risk but do ...

CVSS 7.5 · AI score 7.4 · EPSS 0.00209
Exploits: 0 · References: 1 · Affected Software: 1
CNNVD
added 2023/12/13 12:0 a.m. · 2 views

Relyum RELY-PCIe Security Vulnerability

The Relyum RELY-PCIe is an intelligent pluggable board from Relyum Spain. A security vulnerability exists in Relyum RELY-PCIe version 22.2.1 that originates from a system group misconfiguration. An attacker could exploit the vulnerability to gain read access to the operating system's central...

CVSS 7.5 · AI score 6.8 · EPSS 0.00209
Exploits: 0 · References: 2
Talos
added 2023/12/05 12:0 a.m. · 30 views

Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1845: Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability. December 5, 2023. CVE Number: CVE-2023-43608. Summary: A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted...

CVSS 8.1 · AI score 8.3 · EPSS 0.00122
Exploits: 1
Positive Technologies
added 2023/11/17 12:0 a.m. · 3 views

PT-2023-30671 · Liblisp · Liblisp

Name of the Vulnerable Software and Affected Versions: Liblisp through commit 4c65969. Description: A use-after-free issue was found in the hash destroy function, located in hash.c. Recommendations: For versions through commit 4c65969, consider applying a patch that fixes the hash destroy function...

CVSS 6.5 · AI score 6.4 · EPSS 0.00063
Exploits: 1 · References: 3
Cvelist
added 2020/12/22 6:4 p.m. · 11 views

CVE-2020-24578

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files such as the password hash file...

AI score 7.2 · EPSS 0.1984
Exploits: 1 · References: 2
OSV
added 2017/12/27 7:29 p.m. · 0 views

UBUNTU-CVE-2017-11695

Heap-based buffer overflow in the allocsegs function in lib/dbm/src/hash.c in Mozilla Network Security Services NSS allows context-dependent attackers to have unspecified impact using a crafted cert8.db file...

CVSS 7.8 · AI score 7.4 · EPSS 0.00088
Exploits: 1 · References: 3
Prion
added 2015/12/21 11:59 a.m. · 8 views

Design/Logic Flaw

LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors...

CVSS 10 · AI score 7.2 · EPSS 0.006
Exploits: 0 · References: 1 · Affected Software: 1
Packet Storm
added 2009/10/30 12:0 a.m. · 59 views

Simple PHP Blog 0.4.0 Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Simple PHP...

CVSS 7.5 · EPSS 0.79937
Exploits: 3