
7 matches found

Snyk
added 2026/02/04 12:9 a.m., 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the LicensingInfos function, which reads license files specified in the copyright.license-path field without validating that paths remain within the workspace directory. An attacker can access and exfiltrate...

CVSS 8.7 | AI score 6.5 | EPSS 0.00005
Exploits: 0 | References: 2

Debian CVE
added 2025/11/29 2:28 a.m., 6 views

CVE-2025-66221

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safe_join function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc. that are implicitly present and readable in every directory...

CVSS 6.3 | AI score 5.5 | EPSS 0.00042
Exploits: 0

AlpineLinux
added 2025/06/13 7:15 a.m., 2 views

CVE-2025-22242

Worker process denial of service through file read operation. A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerability by...

CVSS 5.6 | AI score 7.2 | EPSS 0.00303
Exploits: 0 | References: 2

RedHat Linux
added 2021/12/02 10:4 p.m., 2 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...

CVSS 7.5 | AI score 5.7 | EPSS 0.00352
Exploits: 0 | References: 5

RedHat Linux
added 2021/12/01 12:28 p.m., 0 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...

CVSS 7.5 | AI score 5.7 | EPSS 0.00352
Exploits: 0 | References: 5

Positive Technologies
added 2021/11/04 12:0 a.m., 2 views

PT-2021-5385 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier, LTS versions 2.303.2 and earlier. Description: The issue is related to the absence of an authorization procedure in the FilePath#reading(FileVisitor) component of the Jenkins automation server. This allows a...

CVSS 7.8 | AI score 8.1 | EPSS 0.00352
Exploits: 0 | References: 15

CNNVD
added 2021/11/03 12:0 a.m., 2 views

nbdime cross-site scripting vulnerability

nbdime is the open source tool for differentiating and merging Jupyter notebooks. nbdime suffers from a cross-site scripting vulnerability that stems from the fact that when the software reads filenames and paths from disk, the extension does not effectively filter and escape the constructed stri...

CVSS 8.7 | AI score 6.7 | EPSS 0.00337
Exploits: 0 | References: 2