CVE-2025-69428

An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories...

CVE-2025-69428

An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories...

PT-2026-35514

CVE-2025-69428 An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories. https://t.co/JqzY6tQLxL...

CVE-2025-69428

An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories...

EUVD-2025-209579

An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories...

CVE-2025-69428

Pro-Bit vulnerability CVE-2025-69428: Affected software is Pro-Bit before v1.77.4. Unauthenticated attackers can directly access a sensitive directory and its subdirectories. Root cause details are not explicitly described beyond the access to the directory tree. The CVE has a CVSS v3.1 base scor...

CVE-2026-33369

Zimbra Collaboration (ZCS) versions 10.0 and 10.1 are affected by an LDAP injection in the Mailbox SOAP service during a FolderAction operation. The vulnerability arises because user input is not properly sanitized before being incorporated into an LDAP search filter, enabling an authenticated at...

CVE-2026-25722

Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the cd command to navigate into sensitive directories like .claude, it was possible to bypass write protecti...

EUVD-2014-4684

Malware in sbrugna...

CVE-2025-2827 IBM Sterling File Gateway information disclosure

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system...

CVE-2025-2827

IBM Sterling File Gateway versions 6.0.0.0–6.1.2.6 and 6.2.0.0–6.2.0.4 are affected by CVE-2025-2827, which could disclose sensitive installation directory information to an authenticated user and enable follow-on attacks. The underlying issue is an information disclosure vulnerability (CWE-548) ...

PT-2025-27922 · Dynamiapps · Frontend Admin

Name of the Vulnerable Software and Affected Versions: Frontend Admin by DynamiApps versions n/a through 3.28.7 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows for Path Traversal in the affected...

Jenkins < 2.303.3, < 2.319 Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Information disclosure

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...

CVE-2016-9772

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the 1 client cache partition, 2 fileserver vice partition, or 3 certain RPC responses...

CVE-2016-9772

CVE-2016-9772 affects OpenAFS 1.6.19 and earlier, allowing remote attackers to obtain sensitive directory information via vectors including the client cache partition, the fileserver vice partition, or certain RPC responses. The linked documents corroborate the impact and note downstream package ...

CVE-2014-4765

IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5 through 7.5.0.6, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 and 7.2 for Tivoli IT Asset Management for IT and certain other products allow remote...

CVE-2012-0950

The Apport hook DistUpgradeApport.py in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerabilit...

Sun Java System Application Server Information Disclosure vulnerability

Java Application Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Sun Java System Application Server Information Disclosure vulnerability

The host is running Java Application Server and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodsunjavaappservinfodiscvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ Sun Java System Application Server Information Disclosure vulnerability Authors: Sharath S...