101355 matches found
CVE-2026-10846
CVE-2026-10846 affects nlnts ldns used as a stub resolver over UDP. FreeBSD advisories confirm that ldns failed to verify response provenance (source IP/port, transaction ID, and question matching), enabling off‑path spoofing of UDP responses and arbitrary data delivery to programs using ldns (e....
CVE-2026-24717
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
CVE-2025-62851
A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...
EUVD-2026-35976
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
CVE-2026-24717 QTS, QuTS hero
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
CVE-2026-24717
CVE-2026-24717 describes a path traversal vulnerability affecting several QNAP operating system versions. The issue allows an administrator (needs admin privileges) to read unexpected files or system data through a path traversal flaw. Affected products include QTS and QuTS hero lines, with fixed...
CVE-2026-24717 QTS, QuTS hero
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
cve-research
CVE Research Personal repository for CVE analysis, proof-of-c...
CVE-2025-62851 License Center
A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...
CVE-2025-62851 License Center
A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...
CVE-2025-62851
The issue is CVE-2025-62851 affecting License Center. A path traversal vulnerability exists when an attacker who already has an administrator account can read contents of unexpected files or system data. The vulnerability details indicate exploitation requires administrator privileges and does no...
EUVD-2025-210098
A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...
CVE-2026-40128
SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...
SUSE CVE-2026-52904
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...
EUVD-2026-35844
CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in an arbitrary file system write. An attacker could leverage this vulnerability to write to...
CVE-2026-46491
SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. Prior to version 7.0.3, simplesamlphp-module-casserver builds file paths for the file-based CAS ticket store by directly concatenating the configured ticket directory with an attacker-controll...
CVE-2026-44716
Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. From version 0.0.90 to before version 1.2.0, a path traversal vulnerability exists in Pipecat's development runner src/pipecat/runner/run.py. When the runner is started with the --folder...
PT-2026-48568
🔴 CVE-2026-52726 is being exploited for RCE: attackers can drop malicious .git/hooks payloads via Dulwich's submodule path traversal flaw. This bypasses standard protections. Patch immediately to prevent full compromise. NerdieNews CyberSecurity Vulnerability https://t.co/tIoG1l3nqd...
PT-2026-48538
Path Traversal in clear plugin cache Allows Arbitrary Directory Deletion | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 | | Vulnerability | CWE-22 — Improper Limitation of a Pathname to a Restricted Directory | | Severity | High |...
PT-2026-48359
Name of the Vulnerable Software and Affected Versions License Center versions prior to 1.9.56 Description A path traversal issue allows a local attacker with administrator account privileges to read the contents of unexpected files or system data. Path traversal is a technique where an attacker...