10 matches found
EUVD-2025-27471
Malicious code in bioql PyPI...
EUVD-2025-27473
Malicious code in bioql PyPI...
CVE-2025-58760
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The /image API endpoint in Tautulli v2.15.3 and earlier is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. In Tautulli, the /image API...
CVE-2025-58761
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The realpmsimageproxy endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. The realpmsimageproxy i...
CVE-2025-58761 Tautulli vulnerable to Unauthenticated Path Traversal in `real_pms_image_proxy`
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The realpmsimageproxy endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. The realpmsimageproxy i...
CVE-2025-58761 Tautulli vulnerable to Unauthenticated Path Traversal in `real_pms_image_proxy`
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The realpmsimageproxy endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. The realpmsimageproxy i...
CVE-2025-58760 Tautulli vulnerable to Unauthenticated Path Traversal in `/image` endpoint
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The /image API endpoint in Tautulli v2.15.3 and earlier is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. In Tautulli, the /image API...
CVE-2025-58760 Tautulli vulnerable to Unauthenticated Path Traversal in `/image` endpoint
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The /image API endpoint in Tautulli v2.15.3 and earlier is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. In Tautulli, the /image API...
CVE-2025-58760 Tautulli vulnerable to Unauthenticated Path Traversal in `/image` endpoint
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The /image API endpoint in Tautulli v2.15.3 and earlier is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. In Tautulli, the /image API...
CVE-2025-58760
CVE-2025-58760 affects Tautulli up to version 2.15.3. The vulnerability is a path traversal in the unauthenticated /image endpoint, which serves static images from the app data directory and can be exploited to read arbitrary files on the server. Impacted files include tautulli.db (JWT tokens) an...