Umbraco 安全漏洞

Umbraco is an open-source content management system CMS written in C by the Danish company Umbraco. Versions of Umbraco from 15.3.1 to 16.5.1 and before, as well as versions prior to 17.2.2, have security vulnerabilities. These vulnerabilities stem from insufficient authorization when modifying...

EUVD-2022-40708

Malicious code in bioql PyPI...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. apple macOS is a specialized operating system developed for Mac computers. A security vulnerability exists in a variety of Apple products...

Apple MacOSX Security Update (HT122900)

Apple Mac OS X is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-38106

This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function...

CVE-2025-32017

Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 an...

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to the handling of TemporaryFileOperationStatus in TemporaryFileControllerBase.cs and TemporaryFileService.cs. An attacker can upload files to unintended locations to cause disruption of service to other user...

CVE-2025-32017

Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 an...

CVE-2025-32017

CVE-2025-32017 – Umbraco CMS : A path traversal vulnerability in the management API allows authenticated backoffice users to upload files to unintended locations in Umbraco 14+ installations. Root cause is insufficient validation in the management API, enabling uploads to incorrect paths. Affecte...

CVE-2022-38106

This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function...

CVE-2022-38106

This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function...

PT-2022-24204 · Serv-U · Serv-U

Name of the Vulnerable Software and Affected Versions: Serv-U versions 15.3.0 through 15.3.1 Description: This issue affects the directory creation function in the web client. Recommendations: For Serv-U versions 15.3.0 through 15.3.1, consider restricting access to the directory creation functio...

SolarWinds Serv-U File Server 跨站脚本漏洞

SolarWinds Serv-U File Server is a file transfer server from SolarWinds USA. A security vulnerability exists in SolarWinds Serv-U File Server versions 15.3.0 through 15.3.1 that originates from affecting the directory creation feature...

CVE-2022-43363

Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS finding...

UBUNTU-CVE-2022-2884

A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software

DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on affected systems. Tracked as CVE-2022-2884, the issue is rated 9.9 on the CVSS vulnerability scoring system and impacts all versions of GitLab Communi...

GitLab 11.3.4 < 15.1.5, 15.2.x < 15.2.3, 15.3.x < 15.3.1 RCE Vulnerability

GitLab is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; ...

CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 v. 16612.4.9.1.8 and 15612.4.9.1.8. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a...

CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 v. 16612.4.9.1.8 and 15612.4.9.1.8. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a...

CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 v. 16612.4.9.1.8 and 15612.4.9.1.8. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a...