Lucene search
K

8 matches found

CVE
CVE
โ€ขadded last weekโ€ข18 views

CVE-2026-54094

CVE-2026-54094 affects the File Browser project. Prior to version 2.63.14, HTTP handlers can follow symlinks inside a scoped userโ€™s directory, allowing read, write, or public-share actions to target files outside the userโ€™s intended scope via two patterns: (1) a final-path symlink escaping the sc...

7.5CVSS5.7AI score0.0046EPSS
Exploits0References1
OSV
OSV
โ€ขadded 2026/06/16 11:55 p.m.โ€ข7 views

GO-2026-5055 File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope in github.com/filebrowser/filebrowser

File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope in github.com/filebrowser/filebrowser...

7.5CVSS5.3AI score0.0046EPSS
Exploits0References3
Positive Technologies
Positive Technologies
โ€ขadded 2026/06/10 12:0 a.m.โ€ข16 views

PT-2026-48461

๐Ÿšจ CVE-2026-46558 Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in other Plane workspaces. This issue has been patched in version 1.3.1. ๐ŸŽ–@cveNotify...

8.3CVSS5.2AI score0.0028EPSS
Exploits3References4
EUVD
EUVD
โ€ขadded 2025/10/03 8:7 p.m.โ€ข5 views

EUVD-2023-24271

Malicious code in bioql PyPI...

4.4CVSS6.3AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
โ€ขadded 2025/05/23 4:53 a.m.โ€ข6 views

CVE-2023-20008

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are in the local file system. An attacke...

7.1CVSS6.7AI score0.00194EPSS
Exploits0References1
CNVD
CNVD
โ€ขadded 2018/03/09 12:0 a.m.โ€ข3 views

Siemens Multiple Product File Upload Vulnerability

Siemens DIGSI etc. are products of Siemens, Germany.Siemens DIGSI is a configuration and operation software for microcomputer protection devices.EN100 Ethernet module IEC 61850 variant is an Ethernet module product. A security vulnerability exists in various Siemens products, which results from t...

7.5CVSS7.3AI score0.01798EPSS
Exploits0References1
RedHat Linux
RedHat Linux
โ€ขadded 2016/03/15 1:18 p.m.โ€ข21 views

samba: Incorrect ACL get/set allowed on symlink path

A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL...

6.5CVSS6.8AI score0.12938EPSS
Exploits0References5
RedHat Linux
RedHat Linux
โ€ขadded 2016/03/15 12:30 p.m.โ€ข12 views

samba: Incorrect ACL get/set allowed on symlink path

A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL...

6.5CVSS6.8AI score0.12938EPSS
Exploits0References5
Rows per page
Query Builder