Lucene search
K

7 matches found

CVE
CVE
added 2026/06/24 1:21 p.m.36 views

CVE-2026-35025

ProFTPD versions affected: 1.3.9b and 1.3.10rc2. Issue: an access control bypass in the RNFR path handling allows authenticated FTP users to bypass Directory ACL restrictions by prefixing paths with /proc/self/root. Root cause: unresolved symlink components in dir_canonical_path() cause dir_check...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/24 12:0 p.m.14 views

RUSTSEC-2026-0188 WASI hard links and renames bypass wasmtime-wasi's FilePerms for destination

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-4ch3-9j33-3pmj For more information see the GitHub-hosted security advisory...

6.5CVSS5.8AI score0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/01 4:36 p.m.32 views

CVE-2026-45264 Nextcloud: ACL Rename Permission Bypass in Team Folders Allows Unauthorized File Renames

Nextcloud is an open source content collaboration platform. From versions 17.0.0 to before 17.0.15, 18.0.0 to before 18.1.12, 19.0.0 to before 19.1.16, 20.0.0 to before 20.1.11, and 21.0.0 to before 21.0.4, a user with READ and CREATE permission, but no UPDATE permission for a team folder can...

4.3CVSS0.00229EPSS
Exploits0References3
CVE
CVE
added 2026/06/01 4:36 p.m.35 views

CVE-2026-45264

Nextcloud shows an ACL-based permission bypass affecting Team Folders. A user with READ and CREATE (but not UPDATE) permission could rename files within a Team Folder in multiple branches: 17.0.0–17.0.14, 18.0.0–18.1.11, 19.0.0–19.1.15, 20.0.0–20.1.10, and 21.0.0–21.0.3. The issue has been patche...

4.3CVSS5.7AI score0.00229EPSS
Exploits0References3
CVE
CVE
added 2025/12/18 8:32 p.m.13 views

CVE-2025-62001

Summary: CVE-2025-62001 affects BullWall Ransomware Containment. A flaw in configurable/exclusion handling could let an attacker with file write permissions bypass monitoring by renaming directories (e.g., $RECYCLE.BIN/$recycle.bin). Affected versions (per sources): 4.6.0.0, 4.6.0.6, 4.6.0.7, 4.6...

8.8CVSS6.1AI score0.00326EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7908

Malware in sbrugna...

7.2CVSS7AI score0.01437EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:3 a.m.8 views

CVE-2019-17575

A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. For example: place PHP code in a .jpg file, and then change the file's base name to filename.p...

7.2CVSS7.6AI score0.01437EPSS
Exploits1References1
Rows per page
Query Builder