CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Positive Technologies•added 3 days ago•4 views

PT-2026-45974

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a task id containing .. sequences accepted by the Task SDK's KEY REGEX write-path attack, a...

6.5CVSS5.9AI score

Exploits0References4

CNNVD•added 3 days ago•5 views

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

6.5CVSS5.9AI score0.0007EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-2792

Malware in sbrugna...

7.8CVSS7.7AI score0.00056EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2001-0820

Malware in sbrugna...

2.1CVSS6.4AI score0.00099EPSS

Exploits0References4

CNNVD•added 2024/01/11 12:0 a.m.•0 views

WordPress Plugin BackWPup Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.7CVSS6.8AI score0.00649EPSS

Exploits1References4

CNVD•added 2020/10/30 12:0 a.m.•16 views

Commvault directory traversal vulnerability

Commvault is a next-generation data management platform, and a directory traversal vulnerability exists in CommCell in Commvault, which could be exploited by attackers to view files outside of the log folder...

7.5CVSS4.4AI score0.57276EPSS

Exploits0References1

CNVD•added 2018/05/09 12:0 a.m.•1 views

Cylance CylancePROTECT Privilege Extraction Vulnerability

Cylance CylancePROTECT is a suite of endpoint security protection software from Cylance USA. The software is capable of preventing ransomware, malware, and other attacks. A security vulnerability exists in Cylance CylancePROTECT versions prior to 1470, which stems from a user having...

7.8CVSS6.7AI score0.00056EPSS

Exploits1References1

OSV•added 2018/05/04 12:29 a.m.•1 views

CVE-2018-10722

In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink...

7.8CVSS5.9AI score0.00056EPSS

Exploits1References1

Cvelist•added 2004/09/01 4:0 a.m.•12 views

CVE-2001-0837

DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in 1 temp.html, 2 the log folder, and 3 the PhoneBook folder...

5.8AI score0.00099EPSS

Exploits0References3

NVD•added 2001/12/06 5:0 a.m.•11 views

CVE-2001-0837

2.1CVSS5.8AI score0.00099EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by