Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

32 matches found

NVD
NVDadded 2026/03/19 11:16 p.m.5 views

CVE-2026-29098

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, the actionexportCustom function in modules/ModuleBuilder/controller.php fails to properly neutralize path traversal sequences in the $modules and $name...

4.9CVSS0.00329EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/19 12:0 a.m.6 views

PT-2026-26436

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, the action exportCustom function in modules/ModuleBuilder/controller.php fails to properly neutralize path traversal sequences in the $modules and $name...

4.9CVSS5.8AI score0.00329EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/01/09 10:1 a.m.8 views

CVE-2011-0178

The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory...

2.1CVSS5.5AI score0.00333EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2011-0204

Malware in sbrugna...

2.1CVSS6.4AI score0.00333EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2015-5263

Malware in sbrugna...

9.8CVSS7.5AI score0.00991EPSS
Exploits0References5
Snyk
Snykadded 2025/01/29 8:50 p.m.2 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insufficient permission enforcement in DirectoryOperations.cs when writing temporary files downloaded from stages to the OS temporary directory. A user with access to that world-readable directory ca...

5.5CVSS6.6AI score0.00135EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/01/29 12:0 a.m.5 views

Snowflake snowflake-connector-net 安全漏洞

Snowflake snowflake-connector-net is the Snowflake connector from Snowflake USA for . A security vulnerability exists in snowflake-connector-net versions prior to 4.3.0, which originates when files downloaded from the Stage are temporarily placed in a globally-readable local directory, allowing...

5.5CVSS6.1AI score0.00135EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2024/11/02 3:55 a.m.3 views

SUSE CVE-2024-36814

An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory...

4.9CVSS6.8AI score0.00788EPSS
Exploits0References5
OSV
OSVadded 2024/10/08 7:15 p.m.6 views

CVE-2024-36814

An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory...

4.9CVSS4.9AI score0.00788EPSS
Exploits0References4
OSV
OSVadded 2024/07/25 8:15 p.m.1 views

DEBIAN-CVE-2024-29069

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

7.3CVSS5.5AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/03/14 12:0 a.m.2 views

PT-2024-6091 · Snapd +4 · Snapd +4

Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue is related to the improper checking of symbolic link destinations when extracting a snap. This could allow an attacker to convince a user to install a malicious snap, which in turn could cau...

8.2CVSS6.7AI score0.00826EPSS
Exploits2References32
OSV
OSVadded 2024/03/14 12:0 a.m.1 views

UBUNTU-CVE-2024-29069

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

7.3CVSS5.8AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2023/05/31 12:15 a.m.1 views

CVE-2023-28351

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain...

3.3CVSS5.9AI score0.00303EPSS
Exploits1References3
OSV
OSVadded 2023/05/31 12:15 a.m.3 views

CVE-2023-28351

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A local attacker can trivially extract these cleartext keystrokes, potentially enabling them to obtain...

3.3CVSS5.8AI score0.00303EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/02/01 12:0 a.m.5 views

PT-2023-2974 · Faronics · Faronics Insight

Name of the Vulnerable Software and Affected Versions: Faronics Insight version 10.0.19045 Description: An issue in Faronics Insight allows every keystroke made by any user on a computer with the Student application installed to be logged to a world-readable directory. This enables a local attack...

4.9CVSS6.8AI score0.00303EPSS
Exploits1References4
CNNVD
CNNVDadded 2022/02/17 12:0 a.m.26 views

snapd 安全漏洞

Snapd is an open source, cross-platform package management tool. A security vulnerability exists in snapd 2.54.2 and earlier versions, which stems from the software creating the snap directory in a user's home directory without specifying owner-only permissions. This may allow a local attacker to...

5.5CVSS5.7AI score0.00256EPSS
Exploits0References9
Debian CVE
Debian CVEadded 2021/06/09 11:9 a.m.20 views

CVE-2021-3532

Removed by vendor...

6.7AI score
Exploits0
OSV
OSVadded 2021/02/03 5:15 p.m.2 views

CVE-2021-25276

In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...

7.1CVSS5.9AI score
Exploits0References1
Cvelist
Cvelistadded 2018/11/27 9:0 p.m.21 views

CVE-2018-13352

Session Exposure in the web application for TerraMaster TOS version 3.1.03 allows attackers to view active session tokens in a world-readable directory...

8AI score0.01935EPSS
Exploits1References1
RedHat Linux
RedHat Linuxadded 2018/02/21 12:25 p.m.2 views

pulp: Leakage of CA key in pulp-qpid-ssl-cfg

It was found that the private CA key was created in a directory that is world-readable for a small amount of time. A local user could possibly use this flaw to gain access to the private key information in the file...

5.5CVSS5.8AI score0.00355EPSS
Exploits0References4
Rows per page
Query Builder