Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2026/05/19 3:55 p.m.13 views

n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions

Impact The ExecuteWorkflow node's localFile source option read workflow files from disk without applying checks enforced by other file-reading nodes. An authenticated user with permission to create or modify workflows could supply an arbitrary file path via the REST API, bypassing the...

5.9AI score
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/29 7:5 a.m.9 views

CLSA-2026-1777446306 python: Fix of CVE-2019-9948

CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...

9.1CVSS6.8AI score0.11844EPSS
Exploits1References1
CloudLinux
CloudLinux
added 2026/04/29 7:5 a.m.11 views

python: Fix of CVE-2019-9948

CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...

9.1CVSS6.8AI score0.11844EPSS
Exploits1
OSV
OSV
added 2026/04/28 4:32 p.m.8 views

CLSA-2026-1777393949 python: Fix of CVE-2019-9948

CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...

9.1CVSS6.8AI score0.11844EPSS
Exploits1References1
Veracode
Veracode
added 2024/08/29 10:48 a.m.11 views

Local File Bypass

phpoffice/phpspreadsheet is vulnerable to Local File Bypass. The vulnerability is due to improper validation and handling of XML input within XmlScanner.php, which allows attackers to exploit XXE to access local file contents...

8.8CVSS6.5AI score0.0057EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2015/10/12 10:59 a.m.21 views

CVE-2015-6322

The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.18 allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563...

6.6CVSS6.4AI score0.00383EPSS
Exploits0References2
Rows per page
Query Builder