CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1590 matches found

RedhatCVE•added 2026/01/09 9:52 a.m.•7 views

CVE-2020-10584

A directory traversal on the /admin/searchby.php script of Invigo Automatic Device Management ADM through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application...

7.5CVSS7.1AI score0.00429EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:7 a.m.•4 views

CVE-2020-12876

Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments...

7.5CVSS6.9AI score0.00235EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:53 a.m.•3 views

CVE-2013-7360

Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors...

7.5CVSS7.2AI score0.0046EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:42 a.m.•8 views

CVE-1999-0270

Directory traversal vulnerability in pfdispaly.cgi program sometimes referred to as "pfdisplay" for SGI's Performer API Search Tool performertools allows remote attackers to read arbitrary files...

5CVSS7.1AI score0.01EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:40 a.m.•5 views

CVE-1999-0468

Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component...

2.6CVSS7AI score0.01861EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:39 a.m.•3 views

CVE-1999-0455

The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly...

7.5CVSS7AI score0.09129EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:39 a.m.•3 views

CVE-1999-0347

Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character...

10CVSS6.7AI score0.03186EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:39 a.m.•4 views

CVE-1999-0266

The info2www CGI script allows remote file access or remote command execution...

7.5CVSS7.2AI score0.0373EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:38 a.m.•3 views

CVE-1999-0871

Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability...

2.6CVSS6.8AI score0.11216EPSS

Exploits0References1

OSV•added 2025/12/30 11:15 p.m.•0 views

CVE-2022-50792

SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below contain an unauthenticated file disclosure vulnerability that allows remote attackers to access sensitive system files. Attackers can exploit the vulnerability by manipulating the 'file' GET parameter to disclose arbitrary files on the affected...

7.5CVSS5.8AI score0.00387EPSS

Exploits2References5

Cvelist•added 2025/12/18 4:20 p.m.•21 views

CVE-2025-14896

due to insufficient sanitazation in Vega’s convert function when safeMode is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitiv...

8.7CVSS0.00042EPSS

Exploits0References1

OpenVAS•added 2025/12/18 12:0 a.m.•2 views

Synology DiskStation Manager (DSM) File Disclosure Vulnerability (Synology-SA-24:20) - Active Check

Synology DiskStation Manager DSM is prone to a file disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.8AI score0.02935EPSS

Exploits0References3

Cvelist•added 2025/12/09 6:11 p.m.•18 views

CVE-2025-34414 Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE

Entrust Instant Financial Issuance IFI On Premise software formerly referred to as CardWizard versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel with...

9.3CVSS0.01272EPSS

Exploits0References3

Veracode•added 2025/11/10 8:50 a.m.•3 views

Path Traversal

mllogger is vulnerable to path traversal. the vulnerability is due to manipulation of the File argument in the loghandler function of mllogger/server.py, which allows an attacker to perform path traversal to read, create, or overwrite files remotely...

7.5CVSS7.3AI score0.00068EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2025/10/30 12:0 a.m.•3 views

PT-2025-44450

Name of the Vulnerable Software and Affected Versions IBM Tivoli Monitoring versions 6.3.0.7 through 6.3.0.7 Service Pack 21 Description The software potentially allows a remote attacker to access files on the system outside of the intended directories. This is achieved by sending a crafted URL...

7.5CVSS6.7AI score0.00059EPSS

Exploits0References5

EUVD•added 2025/10/29 9:30 a.m.•2 views

EUVD-2025-36634

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery...

5.9CVSS6.3AI score0.00083EPSS

Exploits0References5

Positive Technologies•added 2025/10/23 12:0 a.m.•2 views

PT-2025-43570

Name of the Vulnerable Software and Affected Versions Productivity Suite version v4.4.1.19 Description A flaw exists due to a binding to an unrestricted IP address in the ProductivityService PLC simulator. This allows an unauthenticated remote attacker to interact with the simulator. Successful...

10CVSS6.6AI score0.00368EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-6131

Malware in sbrugna...

4.3CVSS6.4AI score0.0944EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2006-6983

Malware in sbrugna...

7.1CVSS6.4AI score0.00316EPSS

Exploits1References2