Lucene search
+L

28 matches found

nvd
nvd
added 2026/07/08 2:17 p.m.7 views

CVE-2026-53480

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory 'path...

2.7CVSS0.00263EPSS
Exploits0References1
euvd
euvd
added 2026/07/08 1:44 p.m.5 views

EUVD-2026-42244

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory 'path...

2.7CVSS6AI score0.00263EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:42 p.m.11 views

CVE-2025-36145

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...

5.4CVSS5.5AI score0.00166EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/26 3:50 p.m.9 views

CVE-2025-36145

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...

5.4CVSS5.8AI score0.00166EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2025/12/09 6:30 p.m.7 views

EUVD-2025-202292

An issue was discovered in function phpinisaveAction in file webmain/system/cogini/coginiAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to authenticated users to modify PHP configuration files via the a parameter to the index.php endpoint...

6.3AI score0.00212EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-15894

Malware in sbrugna...

7.8CVSS7.5AI score0.0163EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35240

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.0032EPSS
Exploits0References1
redhat
redhat
added 2025/07/21 2:51 p.m.5 views

gitk: Git file creation flaw

A vulnerability has been identified in the gitk application that could lead to unauthorized file modification or data loss. This flaw manifests in two primary scenarios: - Untrusted Repository Cloning: When a user is tricked into cloning an untrusted Git repository and then uses gitk to visualize...

3.6CVSS5.7AI score0.00287EPSS
Exploits0References7
nessus
nessus
added 2025/05/27 12:0 a.m.10 views

Infoblox NIOS Privilege Escalation (000010393)

The version of Infoblox NIOS installed on the remote host is affected by a erroneous access control issue that allows authenticated users to modify and delete system files without proper authorization. Note that Nessus has not tested for this issue but has instead relied only on the application's...

9.1CVSS5.6AI score0.00327EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 5:8 a.m.6 views

CVE-2023-50327

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5.3CVSS6.5AI score0.00492EPSS
Exploits0References1
impervablog
impervablog
added 2025/03/20 7:27 a.m.27 views

Imperva Protects Against Apache Tomcat Deserialization Vulnerability

Overview A newly disclosed vulnerability, CVE-2025-24813, affecting Apache Tomcat, has been identified as a high-risk path equivalence vulnerability that allows attackers to manipulate filenames with internal dots . under specific conditions, leading to unauthorized file access, modification, and...

9.8CVSS7.8AI score0.99945EPSS
Exploits47
redhatcve
redhatcve
added 2025/02/04 10:16 p.m.8 views

CVE-2024-35209

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files...

7.5CVSS6.7AI score0.0032EPSS
Exploits0References1
cnvd
cnvd
added 2024/06/12 12:0 a.m.6 views

Hazardous Method or Function Vulnerability Exposed by Siemens SINEC Traffic Analyzer

SINEC Traffic Analyzer is an on-premise application that monitors PNIO PROFINET IO communication between controllers and IO devices. The software detects PROFINET communication problems and reports them to the user via Web-UI. Siemens SINEC Traffic Analyzer has an exposed dangerous method or...

7.5CVSS6.9AI score0.0032EPSS
Exploits0References1
nvd
nvd
added 2024/06/11 12:15 p.m.31 views

CVE-2024-35209

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files...

7.5CVSS0.0032EPSS
Exploits0References1
osv
osv
added 2024/06/11 12:15 p.m.4 views

CVE-2024-35209

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server is allowing HTTP methods like PUT and Delete. This could allow an attacker to modify unauthorized files...

6.9CVSS5.7AI score0.0032EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/06/11 12:0 a.m.3 views

Siemens SINEC Traffic Analyzer 安全漏洞

SINEC Traffic Analyzer is an on-premise application that monitors PNIO PROFINET IO communication between controllers and IO devices. The software detects PROFINET communication problems and reports them to the user via Web-UI. Siemens SINEC Traffic Analyzer has an exposed dangerous method or...

7.5CVSS6.9AI score0.0032EPSS
Exploits0References3
github
github
added 2024/03/12 9:30 p.m.30 views

Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

9.9CVSS6.9AI score0.56934EPSS
Exploits0References5Affected Software1
vulnrichment
vulnrichment
added 2024/03/12 6:18 p.m.20 views

CVE-2024-27317 Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

8.4CVSS6.6AI score0.56934EPSS
Exploits0References3
cvelist
cvelist
added 2024/03/12 6:18 p.m.36 views

CVE-2024-27317 Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

8.4CVSS8.5AI score0.56934EPSS
Exploits0References3
nvd
nvd
added 2024/02/02 1:15 a.m.23 views

CVE-2023-50327

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5.3CVSS5.5AI score0.00492EPSS
Exploits0References2
Rows per page
Query Builder