CVE-2019-7290 — CVSS 10.0 (critical): An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may…
CVE-2017-16088 — CVSS 10.0 (critical): The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access…
CVE-2022-39206 — CVSS 9.9 (critical): Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket (e.g…
CVE-2026-47643 — CVSS 9.8 (critical): External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.
CVE-2022-20239 — CVSS 9.8 (critical): remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can…
CVE-2021-44041 — CVSS 9.8 (critical): UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied to the --dev-widget argument of the URI…
CVE-2021-43685 — CVSS 9.8 (critical): libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerability in /blob/master/legacy/application/modules/rest/controllers/Show…
CVE-2020-14057 — CVSS 9.8 (critical): Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write…
CVE-2020-9752 — CVSS 9.8 (critical): Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through…
CVE-2026-30903 — CVSS 9.6 (critical): External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to…
CVE-2024-5823 — CVSS 9.1 (critical): A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain…
CVE-2024-32980 — CVSS 9.1 (critical): Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically…
CVE-2021-27648 — CVSS 9.0 (critical): Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before…
CVE-2026-57301 — CVSS 8.8 (high): Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing…
CVE-2026-40370 — CVSS 8.8 (high): External control of file name or path in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-0522 — CVSS 8.8 (high): A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allows authenticated attackers to read…
CVE-2024-10979 — CVSS 8.8 (high): Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process…
CVE-2024-28826 — CVSS 8.8 (high): Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0…
CVE-2024-24760 — CVSS 8.8 (high): mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified…
CVE-2023-40194 — CVSS 8.8 (high): An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of…
CVE-2023-39542 — CVSS 8.8 (high): A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can…
CVE-2023-35985 — CVSS 8.8 (high): An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to…
CVE-2023-3256 — CVSS 8.8 (high): Advantech R-SeeNet versions 2.4.22 allows low-level users to access and load the content of local files.
CVE-2022-34669 — CVSS 8.8 (high): NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or…
CVE-2021-27406 — CVSS 8.8 (high): An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running…
CVE-2021-43844 — CVSS 8.8 (high): MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions before…
CVE-2021-30245 — CVSS 8.8 (high): The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed…
CVE-2020-25161 — CVSS 8.8 (high): The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an…
CVE-2021-32783 — CVSS 8.5 (high): Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type…
CVE-2026-34327 — CVSS 8.2 (high): Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform…
CVE-2024-47773 — CVSS 8.2 (high): Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a…
CVE-2022-43513 — CVSS 8.2 (high): A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9…
CVE-2026-45760 — CVSS 8.1 (high): (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in…
CVE-2025-6691 — CVSS 8.1 (high): The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to…
CVE-2022-2431 — CVSS 8.1 (high): The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including 3.2.50. This is due to…
CVE-2022-24854 — CVSS 8.0 (high): Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called `ATTACH DATABASE`, which…
CVE-2026-30905 — CVSS 7.8 (high): External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an…
CVE-2026-32204 — CVSS 7.8 (high): External control of file name or path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
CVE-2025-48654 — CVSS 7.8 (high): In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to…
CVE-2024-31319 — CVSS 7.8 (high): In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a…
CVE-2023-6154 — CVSS 7.8 (high): A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus…
CVE-2023-5247 — CVSS 7.8 (high): Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software…
CVE-2023-44209 — CVSS 7.8 (high): Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent…
CVE-2022-46869 — CVSS 7.8 (high): Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber…
CVE-2022-46868 — CVSS 7.8 (high): Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect…
CVE-2023-21097 — CVSS 7.8 (high): In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local…
CVE-2023-22616 — CVSS 7.8 (high): An issue was discovered in Insyde InsydeH2O with kernel 5.2 through 5.5. The Save State register is not checked before use. The IhisiSmm…
CVE-2023-20964 — CVSS 7.8 (high): In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local…