7 matches found

NVD
added 2026/03/26 10:16 p.m., 1 view

CVE-2026-33670

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue...

CVSS 9.8, EPSS 0.00031
Exploits: 1, References: 1

Snyk
added 2026/03/25 7:38 p.m., 1 view

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the readDir API endpoint. An attacker can access and enumerate arbitrary directories and retrieve file names by sending crafted requests to the endpoint. Details: A Directory Traversal attack also known as path...

CVSS 9.8, AI score 6.9, EPSS 0.00031
Exploits: 1, References: 2

GitHub Security Blog
added 2022/09/16 7:28 p.m., 31 views

Tauri's readDir Endpoint Scope can be Bypassed With Symbolic Links

Impact: Due to missing canonicalization when readDir is called recursively, it was possible to display directory listings outside of the defined fs scope. This required a crafted symbolic link or junction folder inside an allowed path of the fs scope. No arbitrary file content could be leaked...

CVSS 8.3, AI score 5.6, EPSS 0.00452
Exploits: 1, References: 9, Affected Software: 1

Prion
added 2022/09/15 10:15 p.m., 10 views

Design/Logic Flaw

Tauri is a framework for building binaries for all major desktop platforms. Due to missing canonicalization when readDir is called recursively, it was possible to display directory listings outside of the defined fs scope. This required a crafted symbolic link or junction folder inside an allowed...

CVSS 5, AI score 5.6, EPSS 0.00452
Exploits: 1, References: 4, Affected Software: 1

Vulnrichment
added 2022/09/15 9:35 p.m., 4 views

CVE-2022-39215 The readDir Endpoint Scope can be Bypassed With Symbolic Links in Tauri

Tauri is a framework for building binaries for all major desktop platforms. Due to missing canonicalization when readDir is called recursively, it was possible to display directory listings outside of the defined fs scope. This required a crafted symbolic link or junction folder inside an allowed...

CVSS 8.3, AI score 8.4, EPSS 0.00452
Exploits: 1, References: 4

Cvelist
added 2022/09/15 9:35 p.m., 17 views

CVE-2022-39215 The readDir Endpoint Scope can be Bypassed With Symbolic Links in Tauri

Tauri is a framework for building binaries for all major desktop platforms. Due to missing canonicalization when readDir is called recursively, it was possible to display directory listings outside of the defined fs scope. This required a crafted symbolic link or junction folder inside an allowed...

CVSS 8.3, AI score 8.4, EPSS 0.00452
Exploits: 1, References: 4

RustSec
added 2022/08/07 12:0 p.m., 20 views

`tauri`'s `readDir` endpoint allows possible enumeration outside of filesystem scope

It is possible for readDir to incorrectly enumerate files from a symlinked directory if called recursively when specifying an empty string for the dir parameter as outlined in this issue. This is corrected in this PR by checking if a directory is a symlink before reading from it...

CVSS 8.3, AI score 3.7, EPSS 0.00452
Exploits: 1, Affected Software: 1