9 matches found
CVE-2026-48321 ColdFusion | Incorrect Authorization (CWE-863)
ColdFusion is affected by an Incorrect Authorization vulnerability that could result in privilege escalation. An attacker could leverage this vulnerability to gain unauthorized read and write access. Exploitation of this issue does not require user interaction. Scope is changed...
CVE-2026-48321
Technical details are not publicly available in the provided documents; no affected products, versions, or remediation are specified. Monitor for updates.
CVE-2026-5422 Path Traversal in jupyter/jupyter
A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...
CVE-2025-61809 ColdFusion | Improper Input Validation (CWE-20)
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation o...
PT-2023-29185 · Dell · Dell Powerprotect Dd
Name of the Vulnerable Software and Affected Versions: Dell PowerProtect DD versions prior to 7.13.0.10 Dell PowerProtect DD LTS versions prior to 7.7.5.25 Dell PowerProtect DD LTS versions prior to 7.10.1.15 Dell PowerProtect DD version 6.2.1.110 Description: A path traversal vulnerability exist...
CVE-2023-39403
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization...
CVE-2023-39400
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization...
PT-2023-26926 · Installd · Installd
Name of the Vulnerable Software and Affected Versions: installd affected versions not specified Description: The issue is related to a parameter verification vulnerability in the installd module. This vulnerability can be exploited to read and write sandbox files without authorization...
Design/Logic Flaw
Reported in SOLR-14515 private and fixed in SOLR-14561 public, released in Solr version 8.6.0. The Replication handler https://lucene.apache.org/solr/guide/86/index-replication.htmlhttp-api-commands-for-the-replicationhandler allows commands backup, restore and deleteBackup. Each of these take a...