Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Squidex has Blind SSRF via file:// Protocol in Restore API leading to Local File Interaction
HTTP Headers <= 1.19.2 - Authenticated (Administrator+) External Control of File Name or Path to RCE via 'hh_htpasswd_path' and 'hh_www_authenticat...
nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding
nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames
OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths
SecureDrop Client has path injection in read_gzip_header_filename()
Firebird: Path Traversal + Arbitrary File Write Leads to Remote Code Execution
Jellyfin: Potential SSRF + Arbitrary file read via LiveTV M3U tuner
Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage via WCF SOAP
wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter
NoMachine External Control of File Path Local Privilege Escalation Vulnerability
NoMachine External Control of File Path Arbitrary File Deletion Vulnerability
Path Traversal (Arbitrary File Delete) in Chamilo LMS
Rembg has a Path Traversal via Custom Model Loading
Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 and JP1/NETM/DM
Chyrp Lite has a Path Traversal to Remote Code Execution
Ferret has a Path Traversal in IO::FS::WRITE allows arbitrary file write when scraping malicious websites
SillyTavern: Path traversal in `/api/chats/import` allows arbitrary file write outside intended chat directory
@tinacms/graphql has Path Traversal that leads to overwrite of arbitrary files
Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate
Showing 1 - 20 of 1,000+ results