CVE-2025-55132

A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via futimes even when the process has only read permissions. Unlike utimes, futimes does not apply the expected write-permission checks, which means file metadata can be modified in read-only...

EUVD-2001-1174

Malware in sbrugna...

CVE-2024-13374

The WP Table Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on thewptmgetFolders AJAX action in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read...

PT-2025-6443 · WordPress · Wp Table Manager

Name of the Vulnerable Software and Affected Versions: WP Table Manager plugin for WordPress versions up to, and including, 4.1.3 Description: The issue is related to a missing capability check on the thewptm getFolders AJAX action, allowing authenticated attackers with Subscriber-level access an...

EMC Avamar ADS and AVE Unauthorized Data Access Vulnerability

EMC Avamar is a remote backup and recovery solution. An unauthorized data access vulnerability exists in EMC Avamar versions prior to 7.1.2 and 7.2.x prior to 7.2.1, ADS, and AVE in the web-restore interface implementation. An authenticated remote user can read or delete directories via a Linux...

CVE-2000-0674

CVE-2000-0674 affects the ftp.pl CGI in Virtual Visions' FTP server, allowing remote attackers to read directories outside the document root via a ../ traversal. The vulnerable component is the CGI script handling FTP directory listings (ftp.pl). Impact is information disclosure (directory listin...

CVE-2000-0674

ftp.pl CGI program for Virtual Visions FTP browser allows remote attackers to read directories outside of the document root via a .. dot dot attack...