60 matches found
BIT-GOLANG-2023-45283 Insecure parsing of Windows paths with a \??\ prefix in path/filepath
The filepath package does not recognize paths with a \??\ prefix as special. On Windows, a path beginning with \??\ is a Root Local Device path equivalent to a path beginning with \\?\. Paths with a \??\ prefix may be used to access arbitrary locations on the system. For example, the path \??\c:\x...
SUSE CVE-2021-42257
check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression...
SUSE CVE-2022-38457
A use-after-free (UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of...
Zyxel Firewall ZTP Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download. Current source: https://github.com/rapid7/metasploit-framework. Description: This module exploits CVE-2022-30525, an unauthenticated remote command...
CVE-2021-42257
check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression...
Design/Logic Flaw
check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression...
PT-2021-23568 · Unknown · Check Smart
Name of the Vulnerable Software and Affected Versions: check smart versions prior to 6.9.1. Description: The issue allows unintended drive access by an unprivileged user due to a substring match of a device path, specifically checking for the /dev/bus substring and a number, which is an example of...
Suse Check_smart Input Validation Error Vulnerability
Suse Check_smart is a monitoring plugin from Suse Luxembourg. It is used to monitor the values of the SMART (Self-Monitoring, Analysis and Reporting Technology) attributes of hard and solid state drives in the background using smartmontools' smartctl. A security vulnerability exists in versions of...
PYSEC-2021-887
GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c...
GattLib Buffer Error Vulnerability
GattLib is a library for accessing GATT (Generic Attribute Profile) information for BLE (Bluetooth Low Energy) devices. GattLib 0.3-rc1 suffers from a buffer overflow vulnerability in get_device_path_from_mac in dbus/gattlib.c, which originates from a stack-based buffer over-read. No detailed...
openSUSE: Security Advisory for monitoring-plugins-smart (openSUSE-SU-2021:0706-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description)...
2FA bypass in Wagtail through new device path
2FA bypass through new device path. Impact: If someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. Patches: This problem has been patched in version 1.3.0...
GHSA-89PX-WW3J-G2MM 2FA bypass in Wagtail through new device path
2FA bypass through new device path. Impact: If someone gains access to someone's Wagtail login credentials, they can log into the CMS and bypass the 2FA check by changing the URL. They can then add a new device and gain full access to the CMS. Patches: This problem has been patched in version 1.3.0...
CVE-2018-11020
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash...
UBUNTU-CVE-2017-6462
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...
Resin < 2.1s020604 MS-DOS Device Path Disclosure
Binary data 1517.prm...
BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY
Hi Bugtraq !! BPM STUDIO PRO 4.2 is one of the most famous mp3 mixers and players, and it has an http server implementation for managing the player via the web browser. Unfortunately, when you perform a simple http request like: http://BPM-HOST/con/con you can crash instantly non-patched Win9x host wit...
CVE-2000-0168
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability...