CVE-2021-39212

A flaw was found in ImageMagick in the Postscript File Handler component. An attacker could exploit this flaw which would, in some cases, lead to postscript files to be read and written to even when specifically excluded by a module policy in policy.xml. Mitigation Users are advised to use the...

GO-2021-0051 Directory traversal on Windows in github.com/labstack/echo/v4

Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

GO-2020-0039 Open redirect in gopkg.in/macaron.v1

Due to improper request sanitization, a specifically crafted URL can cause the static file handler to redirect to an attacker chosen URL, allowing for open redirect attacks...

PT-2021-12080 · Unknown · Static File Handler

Name of the Vulnerable Software and Affected Versions: Static File Handler affected versions not specified Description: The issue arises from improper sanitization of user input on Windows, allowing the static file handler to permit directory traversal. This enables an attacker to read files...

CVE-2020-28948

ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. Recent assessments: gwillcox-r7 at January 15, 2021 7:39pm UTC reported: Edit: PoC code for this can be found at along with the original advisory. An interesting vulnerability using the...

CVE-2020-6799

Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that...

Foxit Studio Photo < 3.6.6.913 Multiple Vulnerabilities

According to its self-reported version, the Foxit Studio Photo application installed on the remote Windows host is affected by multiple vulnerabilities: - An out-of-bounds read error exist in the TIF file handler when processing InkNames of TIFFSetField due to improper validation of user-supplied...

OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

PT-2019-6422 · Plan 9 +1 · Rc +1

Name of the Vulnerable Software and Affected Versions: rc versions prior to 1.7.1-5 Description: The issue is related to insufficient input validation in the Temp File Handler component of the Plan 9 rc command shell. This can be exploited by a remote attacker to create arbitrary temporary files...

Design/Logic Flaw

Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FFClose is defined in fffile.c. The file handler pxFile is freed by ffconfigFREE, which by default is a macro definition of vPortFree, but it is reused to flush modified file content from the cache to disk by the function...

OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...

CVE-2018-1114

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)

Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command" -Force Set-ItemProperty -Path "HKCU:\Software\Classes\exefile\shell\open\command" -Na...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell) Exploit

Exploit for windows platform in category local exploits Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command" -Force Set-ItemProperty -Path...

Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)

Microsoft Windows - UAC Protection Bypass Via Slui File Handler Hijack PowerShell Interactive Version: function SluiHijackBypass Param ParameterMandatory=$True String$command, ValidateSet64,86 int$arch = 64 Create registry structure New-Item "HKCU:\Software\Classes\exefile\shell\open\command"...

Information Disclosure

EAP is vulnerable to information disclosure attacks. An attacker could manipulate the component, Configuration File Handler with an unknown input which leads to partially modify data and disclosure of information...

Arbitrary Code Execution

OpenJPEG is vulnerable to arbitrary code execution attacks. A remote unauthenticated attacker could exploit the vulnerable JP2 File Handler component to cause code execution via a crafted JP2 file, which triggers an out-of-bounds read or write...

Jupyter Notebook Cross-Site Scripting Vulnerability (CNVD-2019-09602)

Jupyter Notebook is an open source web application that creates and shares documents containing live code, equations, visualizations, and narrative text. A cross-site scripting vulnerability exists in Jupyter Notebook versions prior to 5.7.1, which stems from a failure to set the content security...

UBUNTU-CVE-2018-19351

Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py,...

Design/Logic Flaw

It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...