CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/12/11 6:30 p.m.•4 views

EUVD-2025-202697

In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure...

3.1CVSS5.8AI score0.00142EPSS

CVE•added 2025/12/11 3:19 p.m.•38 views

CVE-2025-67739

JetBrains TeamCity is affected if running a version prior to 2025.11.2. The CVE-2025-67739 issue is caused by improper validation of repository URLs, which could allow disclosure of local file paths. The Nessus and vendor entries corroborate that older TeamCity builds are vulnerable to local path...

3.1CVSS5.9AI score0.00142EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/11 3:19 p.m.•25 views

CVE-2025-67739

In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure...

3.1CVSS0.00142EPSS

Vulnrichment•added 2025/12/11 3:19 p.m.•4 views

CVE-2025-67739

In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure...

3.1CVSS5.9AI score0.00142EPSS

CNNVD•added 2025/12/11 12:0 a.m.•4 views

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides features such as continuous unit testing, code quality analysis and build issue analysis reports. A security vulnerability exists in JetBrains TeamCity...

3.1CVSS6.3AI score0.00142EPSS

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-6197

Malicious code in bioql PyPI...

6.9CVSS6.5AI score0.00285EPSS

RedhatCVE•added 2025/07/12 12:28 a.m.•10 views

CVE-2025-47813

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie...

4.3CVSS6.2AI score0.56366EPSS

Exploits3References1

AlpineLinux•added 2025/03/05 12:8 a.m.•2 views

CVE-2025-20002

After attempting to upload a file that does not meet prerequisites, GMOD Apollo will respond with local path information disclosure...

6.9CVSS5.9AI score0.00285EPSS

CNNVD•added 2023/03/15 12:0 a.m.•5 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 111, which originates from a redirection to a Web extension file that could lead to the disclosure of a local path...

6.5CVSS7.8AI score0.00508EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 3:30 a.m.•3 views

SUSE CVE-2022-4123

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality...

3.3CVSS6.4AI score0.00238EPSS

Exploits0References3

OSV•added 2022/12/08 4:15 p.m.•2 views

DEBIAN-CVE-2022-4123

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality...

3.3CVSS5AI score0.00238EPSS

OSV•added 2022/12/08 4:15 p.m.•4 views

AZL-36977 CVE-2022-4123 affecting package podman for versions less than 5.6.1-2

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality...

3.3CVSS5.7AI score0.00238EPSS

Prion•added 2018/06/11 9:29 p.m.•20 views

Path traversal

Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird 52.5.2...

4.3CVSS5.5AI score0.01648EPSS

Exploits0References7Affected Software7

Packet Storm•added 2016/09/08 12:0 a.m.•31 views

Jobberbase 2.0 Disclosure / XSS / Code Execution / Upload

Jobberbase: http://www.jobberbase.com/ Version: 2.0 By Ross Marks: http://www.rossmarks.co.uk 1 Local path disclosure - change any variable to an array and in most cases it will tell you the local path where the application is installed eg...

0.5AI score

exploitpack•added 2016/09/08 12:0 a.m.•29 views

Jobberbase 2.0 - Multiple Vulnerabilities

Jobberbase 2.0 - Multiple Vulnerabilities Jobberbase: http://www.jobberbase.com/ Version: 2.0 By Ross Marks: http://www.rossmarks.co.uk 1 Local path disclosure - change any variable to an array and in most cases it will tell you the local path where the application is installed eg...

0.5AI score

Exploit DB•added 2016/09/08 12:0 a.m.•38 views

Jobberbase 2.0 - Multiple Vulnerabilities

7.4AI score

OwnCloud•added 2014/11/25 3:0 p.m.•34 views

Server: Local Path Disclosure when using Asset Pipeline

ownCloud 7 introduced the so-called "Asset Pipeline". It is disabled by default, but can be enabled by setting asset-pipeline.enabled to true in config.php When the setting is enabled ownCloud concatenates all CSS and JS files into a single large blob file. Thus the amount of initial required...

5CVSS6AI score0.01186EPSS

Exploits0Affected Software1

Hacker One•added 2014/07/18 5:21 p.m.•150 views

Mail.ru: e.mail.ru: File upload "Chapito" circus

Начинаем пихать зиробайты в имя файла на загрузке и поведение сервера неадекватно. Пока ничего страшнее чем local path disclosure, но боюсь импакт больше чем кажется. В имени файла в примере "��t123123", в хексе "220000000000007431323331323322" POST...

7AI score

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Nconf 1.3 - Multiple SQL Injection

No description provided by source. Exploit Title: nconf handleitem.php?Modifyattr.php etc Multiple Sql injection Date: 2013/3/4 Exploit Author: Saadat [email protected] Software Link: http://sourceforge.net/projects/nconf/files/nconf/ Vendors: http://www.nconf.org/ Author HomePage:...

7.1AI score