Lucene search
K

412 matches found

CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin Filr 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.7CVSS6.6AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 9:10 a.m.4 views

CVE-2025-40549

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

9.1CVSS7.3AI score0.01006EPSS
Exploits0References1
NVD
NVD
added 2025/11/18 9:15 a.m.8 views

CVE-2025-40549

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

9.1CVSS0.01006EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/18 8:41 a.m.4 views

EUVD-2025-197928

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

9.1CVSS6.8AI score0.01006EPSS
Exploits0References3
CVE
CVE
added 2025/11/18 8:41 a.m.14 views

CVE-2025-40549

SolarWinds Serv-U is affected by a Path Restriction Bypass vulnerability (CVE-2025-40549). Reports in multiple sources indicate that an attacker with administrative privileges could bypass directory restrictions and execute code on a directory, effectively enabling remote code execution. The issu...

9.1CVSS7AI score0.01006EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/11/18 8:41 a.m.9 views

CVE-2025-40549 SolarWinds Serv-U Path Restriction Bypass Vulnerability

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

9.1CVSS0.01006EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/18 8:41 a.m.2 views

CVE-2025-40549 SolarWinds Serv-U Path Restriction Bypass Vulnerability

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences ...

9.1CVSS6.9AI score0.01006EPSS
Exploits0References2
Redos
Redos
added 2025/11/13 12:0 a.m.6 views

ROS-20251113-08

A vulnerability in the Docker Compose multi-container application management tool is related to an incorrect restriction of the path name to a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely to overwrite an arbitrary file...

8.9CVSS9.1AI score0.13848EPSS
Exploits0
Redos
Redos
added 2025/10/20 12:0 a.m.5 views

ROS-20251020-01

Vulnerability in open source external resource management software Terraform is associated with an incorrect restriction on the path name of a restricted directory. Exploitation of the vulnerability could allow an attacker to download arbitrary files...

7.8CVSS6.9AI score0.00255EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-3361

Malware in sbrugna...

5CVSS6.4AI score0.01187EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-1584

Malware in sbrugna...

6.5CVSS6.4AI score0.01691EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-24508

Malware in sbrugna...

6.3CVSS6.5AI score0.00351EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1574

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01314EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2796

Malicious code in bioql PyPI...

6.8CVSS6.5AI score0.03101EPSS
Exploits0References7
Redos
Redos
added 2025/09/25 12:0 a.m.9 views

ROS-20250925-04

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS6.5AI score0.01184EPSS
Exploits14
Redos
Redos
added 2025/09/25 12:0 a.m.6 views

ROS-20250925-01

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS7AI score0.01184EPSS
Exploits14
Redos
Redos
added 2025/09/25 12:0 a.m.7 views

ROS-20250925-03

Vulnerability of TarFile.extractall and TarFile.extract functions of tarfile module of Python programming language interpreter CPython is related to incorrect restriction of path name of the directory with restricted directory. Python programming language interpreter CPython functions...

9.4CVSS6.4AI score0.01184EPSS
Exploits14
Positive Technologies
Positive Technologies
added 2025/08/26 12:0 a.m.5 views

PT-2025-34784 · Google +1 · Android Debug Bridge +1

Name of the Vulnerable Software and Affected Versions: Kapsch TrafficCom RIS-9260 RSU LEO versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 Description: The Kapsch TrafficCom RIS-9260 RSU LEO software has the Android Debug Bridge ADB pre-installed and enabled by default. This allows...

9.8CVSS6.7AI score0.00305EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.10 views

The vulnerability of the Tidal component of the Alpine iLX-507 audio system allows a hacker to execute arbitrary code.

The vulnerability of the Tidal component of the Alpine iLX-507 audio system is related to an incorrect restriction on the name path to the restricted-access catalog. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.3CVSS7.9AI score0.0067EPSS
Exploits0References2
CVE
CVE
added 2025/08/05 12:8 a.m.46 views

CVE-2025-54794

CVE-2025-54794 – Claude Code path validation bypass : Claude Code versions older than 0.2.111 expose a directory-restriction bypass due to a path validation flaw that uses prefix matching instead of canonical path comparison. Exploitation requires either a pre-existing or creatable directory shar...

9.1CVSS6.4AI score0.00875EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder