Lucene search
K

322 matches found

NVD
NVD
added 2026/07/01 7:16 p.m.9 views

CVE-2026-58451

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS0.00379EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/01 6:16 p.m.38 views

CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS0.00379EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/07/01 6:16 p.m.7 views

CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src

Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References6
CVE
CVE
added 2026/07/01 6:16 p.m.23 views

CVE-2026-58451

CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54913

Name of the Vulnerable Software and Affected Versions Horde IMP versions prior to 7.0.1 Description A path traversal issue exists in the lib/Compose.php file. Authenticated attackers can read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix ...

7.1CVSS6.1AI score0.00379EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/03/09 2:32 a.m.36 views

CVE-2026-3796 Qi-ANXIN QAX Virus Removal Mini Filter Driver QKSecureIO_Imp.sys ZwTerminateProcess access control

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

5.3CVSS0.00215EPSS
Exploits0References5
CVE
CVE
added 2026/03/09 2:32 a.m.16 views

CVE-2026-3796

CVE-2026-3796 affects Qi-ANXIN QAX Virus Removal (Mini Filter Driver component) via ZwTerminateProcess in QKSecureIO_Imp.sys. The vulnerability arises from a manipulation that enables improper access controls; attack is local and there is publicly available exploit. Multiple trusted sources (NVD,...

7.8CVSS5.7AI score0.00215EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/02/16 5:2 a.m.36 views

CVE-2026-2536 opencc JFlow Workflow WF_Admin_AttrFlow.java Imp_Done xml external entity reference

A vulnerability was determined in opencc JFlow up to 20260129. This affects the function ImpDone of the file src/main/java/bp/wf/httphandler/WFAdminAttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The attack may be...

6.5CVSS0.00294EPSS
Exploits0References6
CVE
CVE
added 2026/02/16 5:2 a.m.15 views

CVE-2026-2536

The vulnerability CVE-2026-2536 affects the opencc JFlow Workflow Engine, specifically the Imp_Done function in WF_Admin_AttrFlow.java. The issue arises from manipulating the File argument, enabling an XML External Entity (XXE) reference. Remote exploitation is possible, and public disclosure of ...

6.5CVSS6.3AI score0.00294EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.8 views

JFlow 代码问题漏洞

JFlow is a low-code BPM development platform open-sourced by Jinan Chicheng opencc in China. Versions of JFlow dated 20260129 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of the File parameter in the function ImpDone within the Workflow Engine...

6.5CVSS6.7AI score0.00294EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2025/10/21 9:54 p.m.25 views

orx-concurrent-bag (>=1.0.0 <=1.16.0), orx-concurrent-iter (>=1.0.0 <=1.22.1) +9 more potentially affected by unknown CVE via orx-pinned-vec (>=0.1.1 <=2.12.0)

orx-pinned-vec CARGO version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.6.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =2.14.0 Source cves: unknown CVE Source advisory: OSV:GHSA-H5J3-CRG5-8JQM...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0179

Malware in sbrugna...

7.5CVSS6.2AI score0.01847EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-0494

Malware in sbrugna...

5CVSS6.1AI score0.01945EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-3677

Malware in sbrugna...

4.3CVSS6.4AI score0.02591EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-4743

Malware in sbrugna...

4.3CVSS6.3AI score0.00902EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-1659

Malware in sbrugna...

5CVSS6.4AI score0.01266EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-2003

Malware in sbrugna...

5.3CVSS6.4AI score0.01924EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-0840

Malware in sbrugna...

7.5CVSS6.4AI score0.0349EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2000-0457

Malware in sbrugna...

2.1CVSS6.4AI score0.00329EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-4075

Malware in sbrugna...

4.3CVSS6.4AI score0.02401EPSS
Exploits1References9
Rows per page
Query Builder