CVE-2024-43440

A flaw was found in moodle. A local file may include risks when restoring block backups...

CVE-2024-43440 Moodle: lfi vulnerability when restoring malformed block backups

A flaw was found in moodle. A local file may include risks when restoring block backups...

CVE-2024-43440 Moodle: lfi vulnerability when restoring malformed block backups

A flaw was found in moodle. A local file may include risks when restoring block backups...

Moodle 安全漏洞

Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle that stems from a possible risk in local files when restoring block backups...

PT-2024-35082 · Comodo · Itop

Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 3.2.0 Description: The issue allows an attacker accessing a backup file or the database to read some passwords for misconfigured users. This is due to the storage of sensitive data in cleartext. The impact of th...

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to errors in processing the relative path to the directory, allows a hacker to expose protected information.

The vulnerability of the Continuous Integration and Deployment Application Delivery system CI/CD of TeamCity in JetBrains is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow a malicious actor to access protected information through server...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.1 and Apple iPadOS version 18.1, which stems from the fact that...

PT-2024-31084

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.1 iPadOS versions prior to 18.1 iOS versions prior to 17.7.1 iPadOS versions prior to 17.7.1 visionOS versions prior to 2.1 tvOS versions prior to 18.1 Description This issue was addressed with improved handling of...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 18.1 and Apple iPadOS version 18.1, which stems from the fact that...

CVE-2024-20280

A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with access to a backup file to learn sensitive information that is stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method that is used fo...

CVE-2020-36835

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wpajaxwpvividaddremote AJAX action that allows low-level authenticated attackers to send back-ups to a remote...

Cisco UCS Central 安全漏洞

Cisco UCS Central is a server management software from Cisco USA. The software supports the management of multiple Cisco UCS instances or domains in different locations and environments. Up to 10,000 Cisco UCS servers blades, racks, and minis and Cisco HyperFlex systems can be supported using the...

PT-2024-39221 · WordPress · File Manager Pro

Name of the Vulnerable Software and Affected Versions: File Manager Pro plugin for WordPress versions up to, and including, 8.3.9 Description: The issue allows unauthenticated attackers, if granted access to the File Manager by an administrator, to download and upload arbitrary backup files on th...

CVE-2024-47948

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups...

CVE-2024-47948

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups...

CVE-2024-47948

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups...

CVE-2024-47948

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups...

CVE-2024-47948

CVE-2024-47948 affects JetBrains TeamCity versions prior to 2024.07.3. The issue is a path traversal vulnerability in the handling of server backups that can lead to information disclosure. Root cause: sensitive data may be exposed through misprocessed backup files. Impact: information disclosure...

Directory Traversal

@saltcorn/server is vulnerable to Directory Traversal. The vulnerability is due to missing sanitization of the filename parameter used to identify the zip file when passed to the res.download API. This allows an attacker with admin permission to read and download arbitrary zip files when...

PT-2024-7444 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.07.3 Description: The issue is related to path traversal errors in the handling of relative directory paths, which could allow a remote attacker to disclose protected information using server backups...