23 matches found
EUVD-2020-2341
Malware in sbrugna...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
The software’s vulnerability regarding the detection of vulnerabilities and errors in PT Application Inspector arises from an incorrect limitation on the path to the restricted access directory. This allows attackers to increase their privileges.
The vulnerability of the application software’s interface for detecting vulnerabilities and errors in PT Application Inspector exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to enhance their...
PT-2024-53: Reading arbitrary files via API in PT Application Inspector (PT AI)
The vulnerability was identified in PT Application Inspector PT AI, versions 4.4.0 - 4.9.0 inlusevely. The discovered vulnerability allows an attacker with network access to PT AI to read source code files of other users' projects. The vulnerability can be used for privilege escalation...
The software’s vulnerability lies in the inability of PT Application Inspector to detect vulnerabilities and errors. This vulnerability arises due to an incorrect limitation on the path to the restricted access directory, allowing attackers to execute arbitrary code.
The vulnerability of the PT Application Inspector software arises due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...
The software’s vulnerability involves errors in PT Application Inspector, particularly regarding the incorrect handling of links before accessing files. This allows attackers to escalate their privileges and gain unauthorized access to protected information.
The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to incorrect definition of the link before accessing a file. Exploiting this vulnerability allows an attacker to enhance their privileges and gain unauthorized access to protected...
The vulnerability of the software for detecting vulnerabilities and errors in PT Application Inspector, due to improper checking of query parameters, allows a perpetrator to execute arbitrary code.
The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to improper checking of query parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the software for detecting vulnerabilities and errors in PT Application Inspector, due to improper checking of query parameters, allows a perpetrator to execute arbitrary code.
The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to improper checking of query parameters. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the software for detecting vulnerabilities and errors in PT Application Inspector, related to link processing errors, allows attackers to enhance their privileges and gain unauthorized access to protected information.
The vulnerability of the PT Application Inspector’s software for detecting vulnerabilities and errors is related to errors in link processing. Exploiting this vulnerability allows a malicious actor to enhance their privileges and gain unauthorized access to protected information...
PT-2024-09: Creating arbitrary files during project creation in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to create arbitrary files without the ability to overwrite existing files. Exploitation of the vulnerability requires...
PT-2024-05: Remote Code Execution when creating a project from a git repository in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to remotely execute code on the control server. Exploitation of the vulnerability requires authorization of the "project...
PT-2024-04: Remote Code Execution at scan startup in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI management server to remotely execute code on the scan agent. Exploitation of the vulnerability requires authorization of the "project...
PT-2024-06: Reading arbitrary files in the component Web IDE in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.4 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other user's projects. Exploitation of the vulnerability requires authorization of the...
PT-2024-08: Reading arbitrary files when scanning a project linked to a git repository in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other user's projects. The vulnerability can be exploited for privilege escalation...
PT-2024-07: Reading arbitrary files via API in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to read source code files of other user's projects. The vulnerability can be exploited for privilege escalation...
Microsoft Application Inspector Remote Code Execution Vulnerability
Microsoft Application Inspector is a software source code analysis tool from the U.S. company Microsoft Microsoft. The product supports scanning C, C++, C, Java and JavaScript and other languages. A remote code execution vulnerability exists in Microsoft Application Inspector v1.0.23 and prior...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
Remote code execution
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'...