5 matches found
CVE-2025-69429
The ORICO NAS CD3510 version V1.9.12 and below contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the...
EUVD-2025-206720
An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 version equal to or prior to V1.9.12, DM3 version equal to or prior to V1.9.12, and DM200 version equal to or prior to V1.2.23 that could be exploited by attackers to leak or tamper with the intern...
CVE-2021-44557
National Library of the Netherlands multiNER = c0440948057afc6e3d6b4903a7c05e666b94a3bc is affected by an XML External Entity XXE vulnerability in multiNER/ner.py. Since XML parsing resolves external entities, a malicious XML stream could leak internal files and/or cause a DoS...
CVE-2021-44556
National Library of the Netherlands digger 6697d1269d981e35e11f240725b16401b5ce3db5 is affected by a XML External Entity XXE vulnerability. Since XML parsing resolves external entities, a malicious XML stream could leak internal files and/or cause a DoS...
CVE-2021-44556
National Library of the Netherlands digger 6697d1269d981e35e11f240725b16401b5ce3db5 is affected by a XML External Entity XXE vulnerability. Since XML parsing resolves external entities, a malicious XML stream could leak internal files and/or cause a DoS...