62 matches found
CVE-2022-38341
Safe Software FME Server v2021.2.5 and below does not employ server-side validation...
CVE-2022-38342
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a XML External Entity XXE vulnerability which allows authenticated attackers to perform data exfiltration or Server-Side Request Forgery SSRF attacks...
EUVD-2018-12960
Malware in sbrugna...
EUVD-2020-15547
Malware in sbrugna...
EUVD-2020-15546
Malware in sbrugna...
EUVD-2022-40931
Malicious code in bioql PyPI...
EUVD-2022-40932
Malicious code in bioql PyPI...
EUVD-2022-40930
Malicious code in bioql PyPI...
EUVD-2023-39796
Malicious code in bioql PyPI...
EUVD-2022-40929
Malicious code in bioql PyPI...
CVE-2018-20402
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition to the initial administrator account. The passwords to the three accounts are the same as the usernames, which are guest, user, and author. Logging in with these accounts will grant any user the...
CVE-2022-38340
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below was discovered to contain a Path Traversal vulnerability via the component fmedataupload...
CVE-2022-38339
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page...
CVE-2023-35801
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...
CVE-2023-35801
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...
Directory traversal
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...
CVE-2023-35801
Affected software: Safe Software FME Server (prior to 2022.2.5). Vulnerability: directory traversal exposing the ability to bypass validation when editing a network-based resource connection, enabling unauthorized reading and writing of arbitrary files. Requirements/impact: attacker must have a u...
CVE-2023-35801
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...
Safe Software FME Server 路径遍历漏洞
Safe Software FME Server is a web-based data conversion application from Safe Software Canada Inc. It is used to automate data and application integration workflows in a code-free environment. A security vulnerability exists in Safe Software FME Server versions prior to 2022.2.5, which stems from...
CVE-2023-35801
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...