Lucene search
+L

311 matches found

Cvelist
Cvelist
added 2026/02/09 3:25 a.m.39 views

CVE-2025-66599

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Physical paths could be displayed on web pages. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN,...

6.9CVSS0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.8 views

Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the versions of Yokogawa FAST/TOOLS from R9.01 to R10.04. These vulnerabilities stem from the possibility of physical paths being...

6.9CVSS5.8AI score0.00261EPSS
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.16 views

AWStats <= 7.5 - Full Path Disclosure

AWStats 7.6 contains a full path disclosure caused by improper handling of framename and update parameters in awstats.pl, letting remote attackers determine server file paths, exploit requires sending crafted parameters. id: CVE-2018-10245 info: name: AWStats = 7.5 - Full Path Disclosure author:...

5.3CVSS6.9AI score0.01917EPSS
Exploits1References2
NVD
NVD
added 2026/01/23 9:15 p.m.8 views

CVE-2025-52023

A vulnerability in the PHP backend of gemscms.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This occurs when specially crafted HTTP GET/POST requests are sent to public A...

5.3CVSS0.00407EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.7 views

WordPress plugin Fancy Product Designer has a security vulnerability.

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.8AI score0.00288EPSS
Exploits0References2
OSV
OSV
added 2026/01/05 11:15 p.m.13 views

AZL-73526 CVE-2025-69226 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...

6.3CVSS7AI score0.00313EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.6 views

PT-2025-51289

Name of the Vulnerable Software and Affected Versions Soosyze version 2.0.0 Description The application has a file upload issue that permits attackers to upload arbitrary HTML files containing PHP code. This broken file upload mechanism could allow attackers to view sensitive file paths and execu...

9.8CVSS6.7AI score0.00558EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.8 views

CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS6.5AI score0.00251EPSS
Exploits0References1
OSV
OSV
added 2025/12/05 6:15 p.m.5 views

UBUNTU-CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS5.7AI score0.00251EPSS
Exploits0References6
CVE
CVE
added 2025/12/05 5:47 p.m.34 views

CVE-2025-66549

The CVE-2025-66549 entry concerns Nextcloud Desktop (the desktop sync client). Before version 3.16.5, locking a file inside an end-to-end encrypted directory would send the file’s path to the server unencrypted, allowing administrators to see it in logs. The root cause is unencrypted transmission...

2.7CVSS6.2AI score0.00251EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/12/02 1:21 a.m.5 views

EUVD-2025-36426

Keycloak unable to restrict access to the admin console...

3.7CVSS6AI score0.00386EPSS
Exploits0References7
CVE
CVE
added 2025/10/28 3:8 a.m.35 views

CVE-2025-10939

Keycloak is affected by a path traversal vulnerability (CVE-2025-10939) that can expose the admin console path via relative or non-normalized URLs (e.g., /realms/../admin/), potentially bypassing proxy restrictions intended to block /admin. Multiple sources (including GHSA entry and Nessus plugin...

3.7CVSS6.2AI score0.00386EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/10/28 2:58 a.m.5 views

CVE-2025-10939

A flaw was found in Keycloak. The Keycloak guides recommend to not expose /admin path to the outside in case the installation is using a proxy. The issue occurs at least via ha-proxy, as it can be tricked to using relative/non-normalized paths to access the /admin application path relative to...

3.7CVSS6.1AI score0.00386EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/28 12:0 a.m.13 views

PT-2025-44084

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak where the /admin path can be accessed via a proxy, such as ha-proxy, by using relative or non-normalized paths. Keycloak documentation advises against exposing the...

3.7CVSS6.5AI score0.00386EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-4163

Malware in sbrugna...

5CVSS9.2AI score0.023EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-25596

Malware in sbrugna...

5.3CVSS5.5AI score0.01021EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2002-1969

Malware in sbrugna...

5CVSS6.4AI score0.02154EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-8328

Malware in sbrugna...

5.3CVSS5.5AI score0.01949EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0303

Malware in sbrugna...

5CVSS6.4AI score0.01464EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-2025

Malware in sbrugna...

4.3CVSS6.4AI score0.02232EPSS
Exploits0References5
Rows per page
Query Builder