127 matches found
CVE-2016-1505
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore...
The vulnerability of the iOS operating system allows a hacker to execute arbitrary code in a privileged context.
The vulnerability of the Mobile Replayer component in the GPUTools Framework for the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using an application that specifies a specially...
The vulnerability of the iOS operating system allows a hacker to execute arbitrary code in a privileged context.
The vulnerability of the Mobile Replayer component in the GPUTools Framework for the iOS operating system is related to errors in the code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a privileged context using an application that specifies a specially...
The vulnerability of the Internet Explorer browser, which allows a hacker to read arbitrary local files
The vulnerability of the Internet Explorer browser is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to read arbitrary local files using a specially created path name...
Path traversal
Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path...
CVE-2014-9712
Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allow remote administrators to read arbitrary files and obtain passwords via a crafted path...
CVE-2015-0271
The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard horizon allows remote attackers to read arbitrary files via a crafted path...
CVE-2015-0271
The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard horizon allows remote attackers to read arbitrary files via a crafted path...
CVE-2015-0271
The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard horizon allows remote attackers to read arbitrary files via a crafted path...
CVE-2015-0271
CVE-2015-0271 affects Red Hat OpenStack Horizon’s redhat-access-plugin (pre-6.0.3). The vulnerability arises from an unsanitized input in the log-viewing function, allowing an authenticated attacker to read arbitrary files via a crafted path. Impact is reading sensitive files with the web server’...
Directory traversal
Directory traversal vulnerability in the gcabfolderextract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."...
CVE-2015-0552
Directory traversal vulnerability in the gcabfolderextract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."...
CVE-2015-0552
Directory traversal vulnerability in the gcabfolderextract function in libgcab/gcab-folder.c in gcab 0.4 allows remote attackers to write to arbitrary files via crafted path in a CAB file, as demonstrated by "\tmp\moo."...
CVE-2014-8788
GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message...
Design/Logic Flaw
GleamTech FileVista before 6.1 allows remote authenticated users to obtain sensitive information via a crafted path when saving a zip file, which reveals the installation path in an error message...
CVE-2014-8789
GleamTech FileVista before 6.1 allows remote authenticated users to create arbitrary files and possibly execute arbitrary code via a crafted path in a zip archive, which is not properly handled during extraction...
Path traversal
The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path...
CVE-2014-9024
The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path...
CVE-2014-5269
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...
CVE-2014-5269
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...