Search Results (2285 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-53363 1 Dpanel Project 1 Dpanel 2026-04-15 N/A
dpanel is an open source server management panel written in Go. In versions 1.2.0 through 1.7.2, dpanel allows authenticated users to read arbitrary files from the server via the /api/app/compose/get-from-uri API endpoint. The vulnerability exists in the GetFromUri function in app/application/http/controller/compose.go, where the uri parameter is passed directly to os.ReadFile without proper validation or access control. A logged-in attacker can exploit this flaw to read sensitive files from the host system, leading to information disclosure. No patched version is available as of this writing.
CVE-2020-36938 1 Winavr 1 Winavr 2026-04-15 8.8 High
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory.
CVE-2024-9275 1 Jeanmarc77 1 123solar 2026-04-15 6.3 Medium
A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin_invt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-53396 2026-04-15 N/A
Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier), which may allow users who can log in to a client terminal to obtain root privileges.
CVE-2025-54497 1 Cognex 2 In-sight Camera Firmware, In-sight Explorer 2026-04-15 8.1 High
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to modify relevant device properties (such as serial interface settings), contradicting the security model proposed in the user manual.
CVE-2024-10018 1 Tecno 1 Com.transsion.aivoiceassistant 2026-04-15 9.8 Critical
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
CVE-2024-10526 1 Rapid7 1 Velociraptor 2026-04-15 N/A
Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it creates the installation directory with WRITE_DACL permission to the BUILTIN\\Users group. This allows local users who are not administrators to grant themselves the Full Control permission on Velociraptor's files. By modifying Velociraptor's files, local users can subvert the binary and cause the Velociraptor service to execute arbitrary code as the SYSTEM user, or to replace the Velociraptor binary completely.  This issue is fixed in version 0.73.3.
CVE-2024-11042 2026-04-15 N/A
In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files.
CVE-2024-12036 1 Wordpress 1 Wordpress 2026-04-15 7.5 High
The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.9 via the get_widget_settings_json() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
CVE-2024-12066 1 Wordpress 1 Wordpress 2026-04-15 8.8 High
The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). CVE-2024-49249 is likely a duplicate of this issue.
CVE-2024-12564 2026-04-15 N/A
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things about the target application which may help in further investigation and exploitation.
CVE-2024-1486 2026-04-15 7.4 High
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices
CVE-2024-57068 2026-04-15 7.5 High
A prototype pollution in the lib.mutateMergeDeep function of @tanstack/form-core v0.35.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
CVE-2024-54910 2026-04-15 4.7 Medium
Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function.
CVE-2024-54159 2026-04-15 4.1 Medium
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.
CVE-2025-68155 1 Vitejs 1 Plugin-rsc 2026-04-15 7.5 High
@vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Prior to version 0.5.8, the `/__vite_rsc_findSourceMapURL` endpoint in `@vitejs/plugin-rsc` allows unauthenticated arbitrary file read during development mode. An attacker can read any file accessible to the Node.js process by sending a crafted HTTP request with a `file://` URL in the `filename` query parameter. Version 0.5.8 fixes the issue.
CVE-2025-59049 1 Mockoon 1 Mockoon 2026-04-15 7.5 High
Mockoon provides way to design and run mock APIs. Prior to version 9.2.0, a mock API configuration for static file serving follows the same approach presented in the documentation page, where the server filename is generated via templating features from user input is vulnerable to Path Traversal and LFI, allowing an attacker to get any file in the mock server filesystem. The issue may be particularly relevant in cloud hosted server instances. Version 9.2.0 fixes the issue.
CVE-2024-44729 1 Mirotalk 1 Mirotalk P2p 2026-04-15 7.5 High
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting.
CVE-2024-27108 2026-04-15 6.8 Medium
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products
CVE-2024-28589 1 Axigen 1 Axigen Mail Server 2026-04-15 6.7 Medium
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.