1649 matches found
Design/Logic Flaw
In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system including system files, inject code into an XLS file, and modify the file extension, which could lead to arbitrary code...
CVE-2023-32540
In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system including system files, inject code into an XLS file, and modify the file extension, which could lead to arbitrary code...
CVE-2023-32540
Affected product: Advantech WebAccess/SCADA (versions 9.1.3 and prior). The vulnerability is an arbitrary file overwrite in the software that could allow overwriting any OS file, injecting code into an XLS file, and changing file extensions, potentially enabling arbitrary code execution. Impact i...
CVE-2023-32540
In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system including system files, inject code into an XLS file, and modify the file extension, which could lead to arbitrary code...
Advantech WebAccess/SCADA Code Injection Vulnerability
Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An arbitrary file overwrite vulnerability exist...
PT-2023-22387 · Unknown · Keyboard Themes
Name of the Vulnerable Software and Affected Versions: Keyboard Themes version 1.275.1.164 Description: The issue allows unauthorized apps to overwrite arbitrary files in the internal storage of Keyboard Themes and achieve arbitrary code execution due to a dictionary traversal vulnerability...
Timmystudios Fast Typing Keyboard Path Traversal Vulnerability
Timmystudios Fast Typing Keyboard is an Android app keyboard by Timmystudios. A security vulnerability exists in Timmystudios Fast Typing Keyboard Themes version 1.275.1.164, which stems from the presence of a dictionary traversal vulnerability that could allow an unauthorized application to...
CVE-2023-33245
Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...
CVE-2023-33245
Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...
Code injection
Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...
CVE-2023-33245
Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...
CVE-2023-33245
Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...
PT-2023-24241 · Mojang · Minecraft
Name of the Vulnerable Software and Affected Versions: Minecraft versions 1.19 through 1.20 pre-releases before 7 Java Description: The issue allows for arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink. Recommendations: For Minecraft versions...
Docker Desktop Security Vulnerability
Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...
Docker Desktop Link Following Vulnerability
Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...
CVE-2022-47027
Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files in its internal storage via a dictionary traversal vulnerability and achieve arbitrary code execution...
PT-2023-6557 · Siemens · Tia Portal
Name of the Vulnerable Software and Affected Versions: Totally Integrated Automation Portal TIA Portal versions V15 through V18 Update 1, with the following specifics: TIA Portal versions V15 TIA Portal versions V16 through V16 Update 7 TIA Portal versions V17 through V17 Update 6 TIA Portal...
Siemens TIA Portal Input Validation Error Vulnerability
Siemens TIA Portal is a fully integrated automation portal from Siemens, Germany. TIA Portal gives you unlimited access to the full range of digital automation services, from digital planning to integrated engineering and transparent operation. A path traversal vulnerability exists in Siemens TIA...
NewStart CGSL CORE 5.05 / MAIN 5.05 : rsync Vulnerability (NS-SA-2023-0010)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has rsync packages installed that are affected by a vulnerability: - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The...
Important: git
Issue Overview: A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwri...