
11 matches found

Cvelist
added 2026/04/09 4:7 p.m., 14 views

CVE-2026-39942 Directus has a Path Traversal and Broken Access Control in File Management API

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, the PATCH /files/id endpoint accepts a user-controlled filename_disk parameter. By setting this value to match the storage path of another user's file, an attacker can overwrite that file's content...

8.5 CVSS, 0.0004 EPSS
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2018-12031

Malware in sbrugna...

5.5 CVSS, 5.8 AI score, 0.00066 EPSS
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2018-12029

Malware in sbrugna...

5.5 CVSS, 6 AI score, 0.00066 EPSS
Exploits 0, References 4
EUVD
added 2025/10/07 12:30 a.m., 0 views

EUVD-2017-10121

Malware in sbrugna...

7.1 CVSS, 6.9 AI score, 0.00065 EPSS
Exploits 0, References 5
Veracode
added 2024/10/07 6:55 p.m., 6 views

Authorization Bypass

www.velocidex.com/golang/velociraptor is vulnerable to Authorization Bypass. The vulnerability is due to improper permission checks in the copy VQL function, which applies checks for reading files but does not check for permission to write files, allowing low-privilege users to overwrite server...

8.8 CVSS, 6.6 AI score, 0.00323 EPSS
Exploits 0, References 3, Affected Software 1
CNNVD
added 2023/05/30 12:0 a.m., 1 views

imapsync link following vulnerability

imapsync is an open source IMAP transport tool. A security vulnerability exists in imapsync that stems from the use of predictable paths under /tmp and /var/tmp in its default mode of operation, which can be exploited by an attacker to modify imapsync's cache and overwrite files belongin...

6.5 CVSS, 5.6 AI score, 0.00441 EPSS
Exploits 1, References 3
OSV
added 2019/11/14 1:15 a.m., 9 views

CVE-2011-1136

In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file...

4.7 CVSS, 6.8 AI score, 0.00256 EPSS
Exploits 1, References 8
OSV
added 2004/12/31 5:0 a.m., 5 views

CVE-2004-2462

cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplaycontrol temporary file...

6.6 AI score
Exploits 0, References 5
Packet Storm
added 2004/01/14 12:0 a.m., 18 views

susegnome.txt

Author: l0om Date: 12.01.2004 page: www.excluded.org SuSE 9.0 - YaST script SuSEconfig.gnome-filesystem There is a symlink problem in the SuSEconfig.gnome-filesystem script. A normal user can create and overwrite every file on the system. This script gets executed after a configuration change by t...

7.4 AI score
Exploits 0
CVE
added 2001/09/12 4:0 a.m., 43 views

CVE-1999-1227

CVE-1999-1227 concerns Ethereal and a local symlink-attack that allows overwriting arbitrary files via the packet capture file. Documentation consistently states the flaw is a local-privilege issue due to a symlink race, enabling complete confidentiality, integrity, and availability impact for af...

7.2 CVSS, 6.7 AI score, 0.0005 EPSS
Exploits 0, References 3, Affected Software 1
Packet Storm
added 1999/08/17 12:0 a.m., 26 views

svga.textmode.1.8.txt

Date: Tue, 26 Oct 1999 19:14:50 +0300 From: [email protected] To: [email protected] Subject: svgatextmode hello, I sent on bugtraq the bug with savetextmode. I thought that it belonged to SVGATextMode, but it is included in svgalib. So the threat is bigger... Please update your page...

7.4 AI score
Exploits 0