Lucene search
+L

70 matches found

nvd
nvd
added 2 days ago4 views

CVE-2026-50510

Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally...

7.8CVSS0.00306EPSS
Exploits0References1
mscve
mscve
added 2 days ago4 views

GitHub Copilot Remote Code Execution Vulnerability

Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score0.00306EPSS
Exploits0
euvd
euvd
added 2026/06/25 7:40 p.m.7 views

EUVD-2026-39549

Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...

6.3CVSS5.8AI score0.00124EPSS
Exploits0References2
redos
redos
added 2026/04/30 12:0 a.m.9 views

ROS-20260430-73-0004

Vulnerability in buildkit related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

9.8CVSS5.4AI score0.00498EPSS
Exploits0
cnnvd
cnnvd
added 2026/03/13 12:0 a.m.8 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by Node.js’s built-in APIs. Versions 17.0 to 28.4.1, 27.3.4.9, and 26.2.5.18 of Erlang/OTP contain security vulnerabilities due to improper path name restrictions, which may lead to...

5.4CVSS7.1AI score0.00363EPSS
Exploits0References7
osv
osv
added 2026/03/10 6:18 p.m.6 views

CVE-2026-25177

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.01241EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/03/10 5:4 p.m.4 views

CVE-2026-25177

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.01241EPSS
Exploits1References2Affected Software21
cnnvd
cnnvd
added 2026/02/26 12:0 a.m.9 views

Hexpm 安全漏洞

Hexpm is a web page and interface developed by Hex. Hexpm has a security vulnerability, which stems from improper path name restrictions, potentially leading to relative path traversal...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/02/20 12:0 a.m.7 views

WordPress plugin User Extra Fields 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...

8.6CVSS5.8AI score0.00518EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/02/20 12:0 a.m.7 views

WordPress plugin User Extra Fields 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...

7.7CVSS5.8AI score0.00456EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/01/22 12:0 a.m.6 views

WordPress plugin Anona: Path traversal vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

8.6CVSS5.8AI score0.00458EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2003-1583

Malware in sbrugna...

7.5CVSS6.4AI score0.01905EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2025/08/11 12:0 a.m.11 views

The vulnerability of the WinRAR file archiver, related to incorrect restrictions on the path name of the restricted directory, allows a hacker to execute arbitrary code.

The vulnerability of the WinRAR file archiver is related to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability allows an attacker to execute arbitrary code during the extraction of a specially crafted file...

7.8CVSS7.8AI score0.80906EPSS
Exploits35References3Affected Software1
bdu_fstec
bdu_fstec
added 2025/05/02 12:0 a.m.10 views

The vulnerability of operating systems iOS, iPadOS, and macOS arises from incorrect restrictions on path names in restricted access directories, allowing attackers to gain unauthorized access to confidential data.

The vulnerability of iOS, iPadOS, and macOS operating systems is related to incorrect restrictions on path names in restricted access directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data...

6.5CVSS5.5AI score0.00427EPSS
Exploits0References7Affected Software3
bdu_fstec
bdu_fstec
added 2025/02/06 12:0 a.m.7 views

The vulnerability of the software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak System allows a perpetrator to expose protected information.

The vulnerability of software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak Systems is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected...

5.3CVSS5.9AI score0.00478EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2025/01/27 12:0 a.m.6 views

The vulnerability of the Microsoft OneNote note-taking software for the Mac OS allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft OneNote software for the Mac OS relates to incorrect restrictions on file names and other resources. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...

7.8CVSS8.1AI score0.0065EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2025/01/23 12:0 a.m.11 views

The vulnerability of the Microsoft Office software package and the Microsoft Outlook email client arises from incorrect restrictions on file names and other resources, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office software and the Microsoft Outlook email client is related to incorrect restrictions on file names and other resources. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS8.1AI score0.00732EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2025/01/20 12:0 a.m.7 views

The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.

The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...

5.3CVSS5.5AI score0.00763EPSS
Exploits0References2Affected Software7
bdu_fstec
bdu_fstec
added 2025/01/20 12:0 a.m.10 views

The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.

The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...

7.8CVSS5.5AI score0.14944EPSS
Exploits0References2Affected Software7
bdu_fstec
bdu_fstec
added 2025/01/17 12:0 a.m.7 views

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS8.1AI score0.03189EPSS
Exploits1References3
Rows per page
Query Builder