Lucene search
K

4 matches found

CVE
CVE
added 2025/10/17 8:2 p.m.14 views

CVE-2025-11913

CVE-2025-11913 affects Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The vulnerability is in the Download function of the file /Service.do?Action=Download, where manipulation of the Path argument leads to path traversal. It can be exploited remotely and the exploit has been disclosed public...

6.5CVSS6.5AI score0.00783EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2020/09/01 12:15 p.m.6 views

UBUNTU-CVE-2018-12475

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

6.5CVSS5.8AI score0.0061EPSS
Exploits0References3
OSV
OSV
added 2019/02/21 2:29 p.m.4 views

CVE-2019-8982

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF...

9.6CVSS7.3AI score0.25563EPSS
Exploits1References1
OSV
OSV
added 2006/06/07 12:2 a.m.4 views

DEBIAN-CVE-2006-2875

Stack-based buffer overflow in the CLParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svcdownload command with compressed data that triggers the overflow during expansion...

7.5CVSS8.4AI score0.06778EPSS
Exploits0References1
Rows per page
Query Builder