Lucene search
K

4 matches found

CVE
CVE
added 2025/10/15 5:7 p.m.14 views

CVE-2025-62382

CVE-2025-62382 affects Frigate (network video recorder for IP cameras). Before v0.16.2, the export workflow lets an authenticated operator nominate any filesystem path as the thumbnail source for a video export. The chosen path is copied verbatim into the publicly served clips directory, enabling...

7.7CVSS5.5AI score0.00284EPSS
Exploits0References2
Veracode
Veracode
added 2025/07/09 8:35 a.m.5 views

Path Traversal

llama-index-core is vulnerable to Path Traversal. The vulnerability is due to insufficient sanitization of the imagepath parameter in the encodeimage function, allowing attackers to access arbitrary files on the server...

7.5CVSS7.4AI score0.00545EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added 2025/07/07 1:15 p.m.11 views

PYSEC-2025-65

A path traversal vulnerability exists in run-llama/llamaindex versions 0.12.27 through 0.12.40, specifically within the encodeimage function in genericutils.py. This vulnerability allows an attacker to manipulate the imagepath input to read arbitrary files on the server, including sensitive syste...

7.5CVSS6.8AI score0.00545EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2015/07/01 2:0 p.m.47 views

CVE-2014-1836

ImpressCMS 1.3.5 and earlier contain an absolute path traversal in htdocs/libraries/image-editor/image-edit.php via the image_path parameter in a cancel action, enabling remote attackers to delete arbitrary files. This is associated with CVE-2014-1836 and is documented in multiple advisories (GHS...

6.4CVSS6.8AI score0.03711EPSS
Exploits3References5Affected Software1
Rows per page
Query Builder