Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31912

Malicious code in bioql PyPI...

9.8CVSS8.4AI score0.00726EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/09/02 12:0 a.m.4 views

Copeland E2 Facility Management Systems 安全漏洞

Copeland E2 Facility Management Systems is an industrial facility control system from Copeland Corporation. A security vulnerability exists in Copeland E2 Facility Management Systems that stems from improper handling of proprietary protocols, which could lead to unauthorized file manipulation...

9.3CVSS6.6AI score0.00324EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/14 10:36 a.m.22 views

CVE-2025-4430 Unauthorized file manipulation in EZD RP

Unauthorized access to "/api/Token/gettoken" endpoint in EZD RP allows file manipulation.This issue affects EZD RP in versions before 20.19 published on 22nd August 2024...

8.6CVSS0.00298EPSS
Exploits0References2
Veracode
Veracode
added 2024/11/15 6:39 a.m.5 views

Unauthorized File Manipulation

ansiblecore is vulnerable to Unauthorized File Manipulation. The vulnerability is due to the user module allowing an unprivileged user with directory traversal permissions to create or replace files on any system path and gain ownership when a privileged user executes the module against the...

6.3CVSS6.3AI score0.00248EPSS
Exploits0References13Affected Software2
CVE
CVE
added 2024/10/02 4:55 p.m.81 views

CVE-2024-20477

Cisco CVE-2024-20477 concerns an unauthorized REST API endpoint in Cisco Nexus Dashboard Fabric Controller (NDFC). An authenticated, low-privilege, remote attacker could bypass authorization on this endpoint and upload files into a specific container or delete files from a folder within that cont...

5.4CVSS5.4AI score0.00456EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.3 views

Infinera Transcend Network Management System 安全漏洞

Infinera Transcend Network Management System Infinera TNMS is a powerful element, network, and service management system from Infinera USA. A security vulnerability exists in Infinera Transcend Network Management System version 19.10.3, which stems from a WebDAV service that allows a low-privileg...

9CVSS6.8AI score0.00535EPSS
Exploits0References2
OSV
OSV
added 2024/06/06 7:16 p.m.13 views

CVE-2024-3322

A path traversal vulnerability exists in the 'cybersecurity/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'processfolder' function within...

9.8CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added 2024/06/06 6:40 p.m.23 views

CVE-2024-3322 Path Traversal in parisneo/lollms-webui

A path traversal vulnerability exists in the 'cybersecurity/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'processfolder' function within...

8.4CVSS0.00726EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/06/06 6:40 p.m.13 views

CVE-2024-3322 Path Traversal in parisneo/lollms-webui

A path traversal vulnerability exists in the 'cybersecurity/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerability arises from the improper limitation of a pathname to a restricted directory in the 'processfolder' function within...

8.4CVSS6.4AI score0.00726EPSS
Exploits1References2
OSV
OSV
added 2023/07/25 9:6 p.m.33 views

CVE-2023-38501 copyparty vulnerable to reflected cross-site scripting via k304 parameter

copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter ?k304=... and ?setck=.... The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of t...

6.3CVSS6.1AI score0.06195EPSS
Exploits3References5
CNVD
CNVD
added 2020/06/11 12:0 a.m.10 views

Unspecified Vulnerability in McAfee VirusScan Enterprise

McAfee VirusScan Enterprise VSE is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A security vulnerability exists in McAfee VSE versions prior to 8...

7.8CVSS7AI score0.004EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2007/10/23 12:0 a.m.30 views

Flatnuke 3 - Remote Command Execution / Privilege Escalation

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Flatnuke 3...

7.4AI score
Exploits0
Rows per page
Query Builder