CVE-2025-12003

A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated remote attackers to impact the integrity of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information...

EUVD-2020-17111

Malware in sbrugna...

EUVD-2010-1814

Malware in sbrugna...

EUVD-2016-10267

Malware in sbrugna...

EUVD-2004-2568

Malware in sbrugna...

EUVD-2008-0323

Malware in sbrugna...

EUVD-2011-3177

Malware in sbrugna...

EUVD-2019-13034

Malicious code in bioql PyPI...

Exploit for Classic Buffer Overflow in Microsoft

PoC exploit for CVE-2017-7269, a vulnerability in Microsoft Inte...

CVE-2012-10062

A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits...

Microsoft WebDAV 安全漏洞

Microsoft WebDAV is an HTTP protocol-based extension for file management and collaborative editing over the Internet from Microsoft USA. A security vulnerability exists in Microsoft WebDAV. An attacker exploiting this vulnerability could execute code. The following products and versions are...

CVE-2018-20000

Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java...

CVE-2022-35202

A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain non-default scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV. This keystor...

CVE-2022-35202

CVE-2022-35202 affects Sitevision 10.3.1 and earlier. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV, protected by a low-complexity, auto-generated password. This could allow a remote attacker, in certain non-default scenarios, to gain access to the...

PT-2025-24329

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to July 2025 Patch Tuesday Description A remote code execution vulnerability exists in the Web Distributed Authoring and Versioning WebDAV component of Microsoft Windows. This flaw, tracked as CVE-2025-33053,...

The vulnerability of the mod_webdav.so module of the Wi-Fi router software by ASUS RT-AX92U allows a hacker to gain access to protected information.

The vulnerability of the modwebdav.so module in the ASUS RT-AX92U Wi-Fi router software lies in the lack of protection for sensitive data. Exploiting this vulnerability could allow an attacker to gain access to protected information...

CVE-2022-37398 A stack-based buffer overflow vulnerability was found on ADM

A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below...

net.adamcin.recap:net.adamcin.recap.addressbook (>=0.8.0 <=1.0.1), net.adamcin.recap:net.adamcin.recap.core (>=0.8.0 <=1.0.1) +16 more potentially affected by CVE-2016-6801 via org.apache.jackrabbit:jackrabbit-webdav (>=2.4.0 <=2.4.5)

org.apache.jackrabbit:jackrabbit-webdav MAVEN version =2.4.0, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =0.8.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0, =2.4.0, =1.1.0, =2.1.2, =5.12.0, =5.11.0, =5.12.2 and more Source cves: CVE-2016-6801 Source advisory: OSV:GHSA-9FC7-RHQ3-WM7X...

PT-2020-5795 · Yaws +1 · Yaws Webserver +1

Name of the Vulnerable Software and Affected Versions: Yaws web server versions 1.81 through 2.0.7 Description: The issue is related to the implementation of WebDAV in the Yaws web server, which is vulnerable to XXE injection. This could allow a remote attacker to access confidential data,...

GHSA-5P52-J8PW-J7X5 Improper Restriction of XML External Entity Reference in bedework:bw-webdav

Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java...