Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-36 Clear
ID Title
CVE-2026-58300 Vulnerability in path-traversal (CVE-2026-58300)
vulnerability in path-traversal (CVE-2026-58300). Confidential information can be exposed externally.
CVE-2026-49290 Path Traversal in CVE-2026-49290 (CVE-2026-49290)
path traversal in CVE-2026-49290 (CVE-2026-49290). Risk of unauthorized operations or information disclosure. Exploitable via ``zipfile``.
CVE-2026-53698 Vulnerability in CVE-2026-53698 (CVE-2026-53698)
vulnerability in CVE-2026-53698 (CVE-2026-53698). Confidential information can be exposed externally.
CVE-2026-10075 Vulnerability in path-traversal (CVE-2026-10075)
vulnerability in path-traversal (CVE-2026-10075). Risk of unauthorized operations or information disclosure.
CVE-2026-10044 Vulnerability in path-traversal (CVE-2026-10044)
vulnerability in path-traversal (CVE-2026-10044). Confidential information can be exposed externally. Exploitable via `GET /api/prompts/{filename}`.
CVE-2026-32997 Vulnerability in CVE-2026-32997 (CVE-2026-32997)
vulnerability in CVE-2026-32997 (CVE-2026-32997). Risk of unauthorized operations or information disclosure.
CVE-2026-4782 Vulnerability in wordpress (CVE-2026-4782)
vulnerability in wordpress (CVE-2026-4782). Confidential information can be exposed externally.
CVE-2026-32175 Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
CVE-2026-42315 Path Traversal in pyload-ng (CVE-2026-42315)
path traversal in pyload-ng (CVE-2026-42315). Data can be tampered with by attackers. Exploitable via ``Perms.MODIFY``. Mitigation: upgrade to `0.5.0b3.dev100` or later.
CVE-2026-6418 Vulnerability in papercut (CVE-2026-6418)
vulnerability in papercut (CVE-2026-6418). Confidential information can be exposed externally.
CVE-2026-0846 Vulnerability in nltk (CVE-2026-0846)
vulnerability in nltk (CVE-2026-0846). Confidential information can be exposed externally. Exploitable via ``nltk.util``. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-2753 Vulnerability in path-traversal (CVE-2026-2753)
vulnerability in path-traversal (CVE-2026-2753). Confidential information can be exposed externally.
CVE-2024-48248 KEV [KEV] Vulnerability in Nakivo backup-and-replication (CVE-2024-48248)
vulnerability in Nakivo backup-and-replication (CVE-2024-48248). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-13159 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13159). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-13160 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13160). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-13161 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161)
vulnerability in Ivanti endpoint-manager-epm (CVE-2024-13161). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-20250 KEV [KEV] Vulnerability in Rarlab winrar (CVE-2018-20250)
vulnerability in Rarlab winrar (CVE-2018-20250). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-7929 Vulnerability in path-traversal (CVE-2017-7929)
vulnerability in path-traversal (CVE-2017-7929). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →