CVE-2021-42068

CVE-2021-42068 affects SAP 3D Visual Enterprise Viewer 9.0. Reports describe an input validation error when opening manipulated GIF files from untrusted sources, causing the application to crash and become temporarily unavailable until restart. The CVSS indicates low availability impact (A: LOW) ...

CVE-2021-42070

When a user opens manipulated Jupiter Tessellation .jt file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2021-42070

SAP 3D Visual Enterprise Viewer 9.0 is affected by an input-validation flaw in Jupiter Tessellation (JT) files, causing a crash and temporary unavailability when opening manipulated JT files from untrusted sources. Root cause identified as failure to validate JT inputs. SAP has issued security pa...

CVE-2021-37088

There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file...

CVE-2021-35245

When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine...

CVE-2021-35245

CVE-2021-35245 affects SolarWinds Serv-U: when a user has admin rights in the Serv-U Console, they can move, create, and delete files accessible on the Serv-U host machine. The Nessus plugin for SolarWinds Serv-U 15.2.4

PT-2021-20865 · Unknown · Serv-U Console

Name of the Vulnerable Software and Affected Versions: Serv-U Console affected versions not specified Description: The issue allows a user with admin rights in Serv-U Console to move, create, and delete any files accessible on the Serv-U host machine. Recommendations: At the moment, there is no...

CVE-2021-43783

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. In affected versions a malicious actor with write access to a registered scaffolder template is able to manipulate the template in a way that writes files to arbitrary paths on the scaffolder-backend...

Mozilla Firefox Security Advisory (MFSA2015-100) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

U.S. Dept Of Defense: Unauthenticated Access to Admin Panel Functions at https://███████/███

Description: The admin panel at https://██████████/████████ and all its functions can be accessed without authentication. This is basically the same vulnerability as in 1394910, just on another system. Impact An attacker is able to use the administrative functions in order to upload, delete or...

CVE-2021-42025

CVE-2021-42025 affects Siemens Mendix Studio Pro-based deployments. Affected: Mendix Applications using Mendix 8 (all versions before 8.18.13) and Mendix 9 (all versions before 9.6.2). Root cause: incorrect authorization that can allow authenticated attackers to manipulate the content of System.F...

Moderate: glib2 security and bug fix update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib2: Possible privilege...

Mozilla Firefox Security Advisory (MFSA2016-81) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2016-69) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVE-2021-34594

TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system...

CVE-2021-34594 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server

TwinCAT OPC UA Server in TF6100 and TS6100 in product versions before 4.3.48.0 or with TcOpcUaServer versions below 3.2.0.194 are prone to a relative path traversal that allow administrators to create or delete any files on the system...

Microsoft Windows Installer Privilege Escalation Vulnerability

Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files...

CVE-2021-38477

There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files...

CVE-2021-38477

There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files...

CVE-2021-38477

CVE-2021-38477 affects AUVESY Versiondog (data management software for automated production). The vulnerability is described as External Control of File Name or Path (CWE-73) within Versiondog’s API functions that read/write files and directories, enabling manipulation or deletion of files. The c...