35 matches found

OSV
added 2026/06/12 9:53 p.m., 10 views

GHSA-239W-M3H6-CH8V File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope

Summary: File Browser enforces per-user scope with afero.NewBasePathFs(afero.NewOsFs(), scope), set up in users/users.go. This blocks lexical ../ traversal, but it does not stop the HTTP file handlers from following symbolic links before they open, serve, write, share, or list a file. As a result, a...

CVSS 6.8, AI score 5.2, EPSS 0.0046
Exploits: 0, References: 4
GithubExploit
added 2026/04/29 9:13 a.m., 96 views

Exploit for CVE-2024-8503

vicidial-cve-2024-8503-blind-sqli-p...

CVSS 9.8, AI score 8.8, EPSS 0.80023
Exploits: 10
EUVD
added 2026/04/08 6:34 p.m., 1 view

EUVD-2026-20515

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 7.1, AI score 6.2, EPSS 0.00413
Exploits: 0, References: 3
NVD
added 2026/04/08 6:25 p.m., 2 views

CVE-2026-32590

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 8.8, EPSS 0.00413
Exploits: 0, References: 11
ATTACKERKB
added 2026/04/08 5:4 p.m., 3 views

CVE-2026-32590

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 8.8, AI score 6.2, EPSS 0.00413
Exploits: 0, References: 12
CVE
added 2026/04/08 5:4 p.m., 26 views

CVE-2026-32590

CVE-2026-32590 affects Red Hat Quay and relates to the handling of resumable container image layer uploads. The vulnerability stems from how intermediate upload data is stored in the database: if this data is tampered with, an attacker could trigger arbitrary code execution on the Quay server (re...

CVSS 8.8, AI score 6.2, EPSS 0.00413
Exploits: 0, References: 11, Affected Software: 2
Cvelist
added 2026/04/08 5:4 p.m., 32 views

CVE-2026-32590 Mirror-registry: remote code execution using pickle deserialization

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 7.1, EPSS 0.00413
Exploits: 0, References: 11
Vulnrichment
added 2026/04/08 5:4 p.m., 4 views

CVE-2026-32590 Mirror-registry: remote code execution using pickle deserialization

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 7.1, AI score 6.2, EPSS 0.00413
Exploits: 0, References: 11
RedhatCVE
added 2026/04/08 5:4 p.m., 4 views

CVE-2026-32590

A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server...

CVSS 8.8, AI score 6.2, EPSS 0.00413
Exploits: 0, References: 3
Positive Technologies
added 2026/04/08 12:0 a.m., 10 views

PT-2026-31342

Name of the Vulnerable Software and Affected Versions: Red Hat Quay, affected versions not specified. Description: A flaw exists in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database in a format that, if manipulated, could...

CVSS 8.8, AI score 6.2, EPSS 0.00413
Exploits: 0, References: 20
RedhatCVE
added 2026/04/07 11:1 p.m., 3 views

CVE-2026-35412

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 8.1, AI score 6.1, EPSS 0.00302
Exploits: 0, References: 1
Vulnrichment
added 2026/04/06 9:33 p.m., 3 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1, AI score 6.1, EPSS 0.00302
Exploits: 0, References: 1
ATTACKERKB
added 2026/04/06 9:33 p.m., 4 views

CVE-2026-35412

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1, AI score 6.1, EPSS 0.00302
Exploits: 0, References: 2, Affected Software: 1
Snyk
added 2026/04/04 6:11 a.m., 4 views

Incorrect Authorization

Overview: directus is a real-time API and App dashboard for managing SQL database content. Affected versions of this package are vulnerable to Incorrect Authorization in the TUS upload process. An attacker can overwrite arbitrary files and corrupt metadata by uploading files with the...

CVSS 8.1, AI score 6, EPSS 0.00302
Exploits: 0, References: 2
OSV
added 2026/04/04 6:11 a.m., 4 views

GHSA-QQMV-5P3G-PX89 Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Summary: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directusfile...

CVSS 7.1, AI score 6.1, EPSS 0.00302
Exploits: 0, References: 3
Github Security Blog
added 2026/04/04 6:11 a.m., 9 views

Directus: TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Summary: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only collection-level authorization checks, verifying the user has some permission on directusfile...

CVSS 8.1, AI score 6.1, EPSS 0.00302
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added 2026/04/04 12:0 a.m., 6 views

PT-2026-30329

Name of the Vulnerable Software and Affected Versions: Directus versions prior to 11.16.1. Description: Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1, AI score 6, EPSS 0.00302
Exploits: 0, References: 4
RedhatCVE
added 2026/03/26 3:0 p.m., 3 views

CVE-2026-33329

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

CVSS 8.1, AI score 5.9, EPSS 0.00444
Exploits: 1, References: 1
Vulnrichment
added 2026/03/24 7:14 p.m., 3 views

CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

CVSS 8.1, AI score 5.9, EPSS 0.00444
Exploits: 1, References: 3
EUVD
added 2026/03/24 7:14 p.m., 5 views

EUVD-2026-14992

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...

CVSS 8.1, AI score 5.9, EPSS 0.00444
Exploits: 1, References: 3