Lucene search
K

1724 matches found

Snyk
Snyk
added 4 days ago4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago3 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Snyk
Snyk
added 4 days ago4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the path key in blobs.yaml. An attacker can write arbitrary files and exfiltrate sensitive information by supplying crafted input that causes traversal outside the intended directory. Details A Directory Traversa...

9.1CVSS7.3AI score0.00331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-10732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip when extracting a ZIP archive containing two entri...

9.8CVSS7.8AI score0.02147EPSS
Exploits1References2
Snyk
Snyk
added 2026/07/03 10:19 p.m.6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the process that handles repository dump creation, which uses release tag names and asset names as filesystem path components. An attacker can manipulate file system paths by providing specially crafted release t...

8.7CVSS6.5AI score0.00369EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 11:17 a.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Lucene.Net.Replicator process. An attacker can access arbitrary files on the server by submitting crafted requests containing path traversal sequences. Details A Directory Traversal attack also known as path...

8.9CVSS6.5AI score0.00703EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 9:19 a.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Lucene.Net.Replicator process. An attacker can write arbitrary files to the client system by sending specially crafted data from a malicious server. Details A Directory Traversal attack also known as path...

8.9CVSS6.5AI score0.00616EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/30 11:16 p.m.3 views

Directory Traversal

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

4.8CVSS6.5AI score0.00164EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/30 11:16 p.m.4 views

Directory Traversal

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

4.8CVSS6.5AI score0.00164EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/30 11:16 p.m.4 views

Directory Traversal

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

4.8CVSS6.5AI score0.00164EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-346 gramps-webapi: Zip Slip Path Traversal in Media Archive Import

Summary A path traversal vulnerability Zip Slip exists in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with directory-traversal filenames to write arbitrary files outside the intended temporary extraction directory on the...

9.1CVSS6AI score0.00401EPSS
Exploits0References7
Snyk
Snyk
added 2026/06/27 12:13 a.m.15 views

Directory Traversal

Overview @pnpm/installing.env-installer is an Installer for configurational dependencies Affected versions of this package are vulnerable to Directory Traversal via the configDependencies process. An attacker can create symlinks outside the intended directory by supplying crafted package names wi...

8.2CVSS6.5AI score0.00257EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/26 6:15 p.m.6 views

Directory Traversal

Overview extract-zip is an unzip a zip file into a directory using 100% javascript Affected versions of this package are vulnerable to Directory Traversal via the extraction process. An attacker can access or modify arbitrary files by crafting a malicious zip archive containing symlinks that poin...

8.6CVSS6.5AI score0.00346EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/25 7:14 p.m.6 views

CVE-2026-44017

A flaw was found in Docling. The EasyOCR model download functionality improperly extracts ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker compromises the model download source e.g., via a supply chain or Man-in-the-Middle MITM attack, they could write...

8.3CVSS6.3AI score0.00478EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/25 5:20 p.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the org.opencontainers.image.title annotation in the artifact manifest when downloading OCI artifacts. An attacker can cause files to be written to arbitrary locations on the host filesystem by supplying a crafte...

8.1CVSS6.6AI score0.00292EPSS
Exploits0References2
Rows per page
Query Builder