16 matches found
Hitachi Energy Relion REB500 Product Privilege Defined with Unsafe Actions (CVE-2026-2459)
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2026-2459
CVE-2026-2459 affects REB500. The vulnerability allows an authenticated user with the Installer role to access and alter directory contents beyond what the role is authorized to do, indicating unauthorized disclosure/modification risk for the affected directories. The provided metrics list CVSS v...
CVE-2026-2459
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so...
CVE-2026-2459
A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directories that the role is not authorized to do so...
Hitachi Energy Relion REB500 Security Vulnerability
Hitachi Energy Relion REB500 is a distributed busbar protection system developed by Hitachi Energy. There is a security vulnerability in Hitachi Energy Relion REB500. This vulnerability stems from the ability of low-privilege verified users to access and modify the contents of unauthorized...
Hitachi Energy Relion REB500 Security Vulnerability
Hitachi Energy Relion REB500 is a distributed busbar protection system developed by Hitachi Energy. There is a security vulnerability in Hitachi Energy Relion REB500. This vulnerability stems from the ability of authenticated users with the Installer role to access and modify content in...
CVE-2025-13879 Directory traversal vulnerability in EfficientIP's SOLIDserver IPAM
Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which they have authorized access using the 'directory' parameter in '/mod/ajax.php?action=sections/list/list'. For...
CVE-2025-65952
Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...
EUVD-2025-199659
Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...
CVE-2025-65952 Console is vulnerable to path traversal regarding custom assets
Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...
EUVD-2008-4687
Malware in sbrugna...
CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload
Agnai is an artificial-intelligence-agnostic multi-user, multi-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at an attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...
CVE-2023-24484
A malicious user can cause log files to be written to a directory that they do not have permission to write to...
Path Traversal in Git HTTP endpoints in Gogs
Impact: The malicious user is able to craft HTTP requests to access unauthorized Git directories. All installations with are affected. Patches: Path cleaning has accommodated for Git HTTP endpoints. Users should upgrade to 0.12.9 or the latest 0.13.0+dev. Workarounds: N/A. References...
jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories
A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...
Pydio Cells Elevation of Privilege Vulnerability
Pydio Cells is a transition application for managing files on a Pydio Cells 1.2.X server. An elevation of privilege vulnerability exists in versions of Pydio Cells prior to 1.5.0, which stems from Pydio Cells failing to neutralize the... /element, which can be exploited by an attacker with very l...