Lucene search
K

6 matches found

CNVD
CNVD
added 2026/04/15 12:0 a.m.5 views

Schneider Electric PowerChute Serial Shutdown Path Traversal Vulnerability

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown and energy management software from Schneider Electric, France. A path traversal vulnerability exists in Schneider Electric PowerChute Serial Shutdown, which can be exploited by an attacker to cause a web...

6.9CVSS5.4AI score0.00204EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.6 views

EulerOS 2.0 SP13 : tar (EulerOS-SA-2026-1299)

According to the versions of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must...

4.1CVSS5.9AI score0.00433EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.11 views

PT-2026-22221

Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description Kiteworks, a private data network, contains a flaw in its command execution functionality. Authenticated users can redirect command output to arbitrary file locations, potentially overwriting...

8.8CVSS6.2AI score0.01951EPSS
Exploits0References8
EUVD
EUVD
added 2026/02/03 12:0 a.m.3 views

EUVD-2025-206705

FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the /api/upload API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files such as the SQLite user...

6AI score0.00726EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 11:20 a.m.10 views

CVE-2024-8060

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.contenttype and allows user-controlled filenames, leading to a path traversal vulnerability...

8.1CVSS7.9AI score0.00881EPSS
Exploits0References1
OSV
OSV
added 2018/10/31 2:29 p.m.4 views

CVE-2018-15321

When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, BIG-IQ Centralized Management 5.0.0-5.4.0 or 4.6.0, BIG-IQ Cloud and Orchestration 1.0.0, iWorkflow 2.1.0-2.3.0, or Enterprise Manager 3.1.1 is licensed for Appliance Mode, Admin and Resource...

4.9CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder