Lucene search
+L

242 matches found

EUVD
EUVD
added 2025/12/02 3:30 p.m.6 views

EUVD-2025-200250

A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372 on Android. Impacted is an unknown function of the component com.rocks.music.videoplayer. The manipulation leads to path traversal. The attack needs to be performed locally. The exploit has been...

5.3CVSS5.1AI score0.00298EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/02 3:2 p.m.2 views

CVE-2025-13876 Rareprob HD Video Player All Formats App com.rocks.music.videoplayer path traversal

A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372 on Android. Impacted is an unknown function of the component com.rocks.music.videoplayer. The manipulation leads to path traversal. The attack needs to be performed locally. The exploit has been...

5.3CVSS5.2AI score0.00298EPSS
Exploits1References4
OSV
OSV
added 2025/11/20 4:25 p.m.4 views

CVE-2025-13437 Arbitrary node_modules Directory Deletion in Google zx

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

8.3CVSS6AI score0.0008EPSS
Exploits0References4
Snyk
Snyk
added 2025/11/20 4:25 p.m.5 views

Use of Incorrectly-Resolved Name or Reference

Overview zx is an A tool for writing better scripts Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via the linkNodeModules function. An attacker can cause deletion of arbitrary directories by supplying a crafted path to the --prefer-local...

8.3CVSS6.9AI score0.0008EPSS
Exploits0References2
MSRC
MSRC
added 2025/10/30 12:0 a.m.15 views

A deep dive into MUTZ

AtDEF CON 33, we shared our research into MapUrlToZone, a critical Windows security component that determines whether a given path is local, on the intranet, or on the broader Internet. This classification drives several security decisions across Windows, for example, preventing a CreateFile call...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-16822

Malware in sbrugna...

4.3CVSS7AI score0.01648EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-24212

Malware in sbrugna...

7.2CVSS6.2AI score0.00325EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1469

Malicious code in bioql PyPI...

8.3CVSS6.5AI score0.01279EPSS
Exploits0References43
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-21020

Malicious code in bioql PyPI...

10CVSS9.2AI score0.95343EPSS
Exploits24References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6197

Malicious code in bioql PyPI...

6.9CVSS6.5AI score0.00285EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/10/02 6:11 a.m.5 views

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.

...

3.3CVSS7AI score0.00238EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/26 10:19 p.m.4 views

CVE-2025-35112 Agiloft XML external entity local path traversal

Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31...

5.1CVSS6AI score0.00285EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-28160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive...

6.5CVSS7.5AI score0.00508EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/12 12:28 a.m.11 views

CVE-2025-47813

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie...

4.3CVSS6.2AI score0.56366EPSS
Exploits24References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2024:0781)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0781 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.3CVSS6.7AI score0.01533EPSS
Exploits0References9
CVE
CVE
added 2025/06/01 11:37 a.m.61 views

CVE-2025-33004

CVE-2025-33004 affects IBM Planning Analytics Local (2.0 and 2.1). The vulnerability is a path traversal flaw caused by improper pathname restriction that could let a privileged user delete files from directories. Connected sources confirm affected versions 2.0–2.1 and cite the impact as file del...

6.5CVSS6.3AI score0.00391EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/05/26 9:30 a.m.9 views

GHSA-55G9-6C2X-GF8Q HumanSignal label-studio-ml-backend Deserialization of Untrusted Data vulnerability

A vulnerability has been found in HumanSignal label-studio-ml-backend up to 9fb7f4aa186612806af2becfb621f6ed8d9fdbaf and classified as problematic. Affected by this vulnerability is the function load of the file label-studio-ml-backend/labelstudioml/examples/yolo/utils/neuralnets.py of the...

5.3CVSS4.9AI score0.00188EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 p.m.9 views

CVE-2021-37731

A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address...

7.2CVSS6.7AI score0.00325EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.11 views

Azure Linux 3.0 Security Update: kubernetes / local-path-provisioner (CVE-2020-8565)

The version of kubernetes / local-path-provisioner installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-8565 advisory. - In Kubernetes, if the logging level is set to at least 9, authorization and bear...

5.5CVSS6AI score0.00512EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/03/27 9:13 p.m.10 views

CVE-2020-8565 affecting package local-path-provisioner for versions less than 0.0.24-5

CVE-2020-8565 affecting package local-path-provisioner for versions less than 0.0.24-5. A patched version of the package is available...

5.5CVSS6.2AI score0.00512EPSS
Exploits0
Rows per page
Query Builder