Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-29700

Malicious code in bioql PyPI...

7.5CVSS5.7AI score0.00761EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/30 6:46 p.m.43 views

CVE-2025-2170

A Server-side request forgery SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location...

0.00295EPSS
Exploits0References1
CVE
CVE
added 2025/04/30 6:46 p.m.70 views

CVE-2025-2170

CVE-2025-2170 is a Server-side request forgery (SSRF) affecting the SonicWall SMA1000 Appliance Work Place interface. Under certain conditions a remote unauthenticated attacker could cause the appliance to make requests to an unintended location. SonicWall PSIRT advises upgrading to the latest ho...

7.2CVSS7.1AI score0.00295EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/09/06 10:18 a.m.9 views

SUSE-SU-2024:3163-1 Security update for gradle

This update for gradle fixes the following issues: - CVE-2023-35946: Fixed a dependency issue leading the cache to write files into an unintended location. bsc1212930...

6.9CVSS6AI score0.00286EPSS
Exploits0References3
OSV
OSV
added 2023/03/30 8:16 p.m.73 views

GHSA-7X45-PHMR-9WQP Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location

Summary An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip variant. Details Unpacking files using the...

8.5CVSS8.7AI score0.00883EPSS
Exploits1References7
NVD
NVD
added 2023/03/15 6:15 p.m.25 views

CVE-2023-25804

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the /tmp folder using a payload ../../../../../tmp/test111dev. This issue...

7.5CVSS7.5AI score0.00761EPSS
Exploits1References1
Prion
Prion
added 2023/03/15 6:15 p.m.19 views

Path traversal

Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a limited path traversal vulnerability. An SSH key can be saved into an unintended location, for example the /tmp folder using a payload ../../../../../tmp/test111dev. This issue...

5CVSS5.3AI score0.00761EPSS
Exploits1References1Affected Software1
Huntr
Huntr
added 2022/11/26 9:19 p.m.69 views

Integer overflow in realloc call

Description Integer overflow in realloc and memcpy calls in coreanalgraphlabel. In the process of concatenating source lines based on DWARF data, the resulting size 32bit signed int can overflow. The sizes of the realloc and memcpy calls differ, and potentially can lead to writes in an unintended...

4.4CVSS1.1AI score0.00326EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/08/10 12:0 a.m.13 views

JVN#62171179 Kiri directory traversal vulnerability

Impact If the email analysis command processes an email with an attachment with a particular file name, the attachment may be written to an unintended location. Solution Products Affected Kiri ver9-2006 Kiri ver9-2005 Kiri ver9-2004...

7.2AI score
Exploits0
Rows per page
Query Builder