27 matches found
PT-2023-24190 · Jenkins · Jenkins Team Concert Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Team Concert Plugin versions 2.4.1 and earlier
Description: The issue is related to missing permission checks in the Jenkins Team Concert Plugin, which allows attackers with Overall/Read permission to check for the existence of an...
SUSE CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...
CVE-2022-36913
Jenkins Openstack Heat Plugin 1.5 and earlier does not perform permission checks in methods implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2019-18202
Information Disclosure is possible on WAGO Series PFC100 and PFC200 devices before FW12 due to improper access control. A remote attacker can check for the existence of paths and file names via crafted HTTP requests...
UBUNTU-CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...
PT-2018-3455 · Linux Containers +3 · Lxc +3
Name of the Vulnerable Software and Affected Versions: LXC versions 2.0.9 and above; LXC versions 3.0.0 and above, prior to 3.0.2
Description: The issue is related to the lxc-user-nic when deleting a network interface, which unconditionally opens a user-provided path. This can be used by an...
Files.com: Existence of Folder path by guessing the path through response
Enter the support PIN from your test site: 423088
Enter the name of your test site: https://bugbounty5.brickftp.com
Enter the subdomain from your test site: https://bugbounty5.brickftp.com
----
Description
Suppose there are 2 Folders in the site Test1 Test2 but a member has only Admin permissio...