
973 matches found

Veeam
added 2024/08/29 12:0 a.m. | 26 views

NAS Backup to Tape and FLR fails with "Invalid ACL data"

Challenge: A File to Tape Backup job (e.g., SMB Share to Tape, NFS Share to Tape, or File Server to Tape) or a File Restore from Tape fails with the error: Error Invalid ACL data. Error: Unable to find ObjectVersion in cache for the file. File path: X Other symptoms include: A failing file enumerati...

AI score: 5.8
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2024/08/20 12:0 a.m. | 18 views

EulerOS 2.0 SP12 : less (EulerOS-SA-2024-2241)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation...

CVSS: 8.6 | AI score: 7.3 | EPSS: 0.00329
Exploits: 0 | References: 2

CVE
added 2024/08/11 2:45 a.m. | 80 views

CVE-2024-6759

The CVE-2024-6759 issue affects FreeBSD NFS client behavior: the kernel does not sanitize remotely provided filenames containing the path separator "/" when mounting a remote filesystem, allowing readdir(3) and related calls to return entries with extra path components. This creates a confused de...

CVSS: 5.3 | AI score: 6.5 | EPSS: 0.002
Exploits: 0 | References: 2 | Affected Software: 1

FreeBSD
added 2024/08/07 12:0 a.m. | 16 views

FreeBSD -- NFS client accepts file names containing path separators

Problem Description: When mounting a remote filesystem using NFS, the kernel did not sanitize remotely provided filenames for the path separator character, "/". This allows readdir3 and related functions to return filesystem entries with names containing additional path components. Impact: The la...

CVSS: 5.3 | AI score: 7.2 | EPSS: 0.002
Exploits: 0

CNNVD
added 2024/08/03 12:0 a.m. | 1 views

WordPress plugin UsersWP security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.00412
Exploits: 1 | References: 3

Positive Technologies
added 2024/07/30 12:0 a.m. | 3 views

PT-2024-28001 · Unknown · Matrix Tafnit

Name of the Vulnerable Software and Affected Versions: Matrix Tafnit version 8 Description: The issue is related to reliance on the file name or extension of externally-supplied files, as indicated by CWE-646. Recommendations: For Matrix Tafnit version 8, at the moment, there is no information...

CVSS: 9.8 | AI score: 6.9 | EPSS: 0.00114
Exploits: 0 | References: 5

RedHat Linux
added 2024/07/08 11:12 a.m. | 2 views

less: OS command injection

An OS command injection flaw was found in Less. Since quoting is mishandled in filename.c, opening files with attacker-controlled file names can lead to OS command execution. Exploitation requires the LESSOPEN environment variable, which is set by default in many common cases...

CVSS: 8.6 | AI score: 6.8 | EPSS: 0.00329
Exploits: 0 | References: 6

Tenable Nessus
added 2024/07/03 12:0 a.m. | 16 views

CBL Mariner 2.0 Security Update: clamav (CVE-2024-20328)

The version of clamav installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-20328 advisory. - A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary command...

CVSS: 5.3 | AI score: 6.8 | EPSS: 0.00313
Exploits: 0 | References: 2

Cvelist
added 2024/06/28 12:43 p.m. | 14 views

CVE-2024-3800 XSS in S@M CMS

Sites managed in S@M CMS Concept Intermedia might be vulnerable to Reflected XSS via including scripts in requested file names. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears...

EPSS: 0.00324
Exploits: 0 | References: 2

Positive Technologies
added 2024/06/28 12:0 a.m. | 2 views

PT-2024-27873 · Concept Intermedia · S@M Cms

Name of the Vulnerable Software and Affected Versions: S@M CMS Concept Intermedia affected versions not specified Description: The issue concerns a Reflected XSS vulnerability that can be exploited by including scripts in requested file names. It is noted that only a part of the observed services...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00324
Exploits: 0 | References: 3

Debian CVE
added 2024/06/28 12:0 a.m. | 16 views

CVE-2024-27629

An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code because the generated file name is not properly escaped and is injected into a system call when certain types of compression are used...

CVSS: 7.8 | AI score: 6.2 | EPSS: 0.00116
Exploits: 0

CNNVD
added 2024/06/27 12:0 a.m. | 3 views

Devika Security Breach

Stition Devika is an advanced AI software engineer at Stition USA that understands advanced human commands, breaks them down into steps, researches the relevant information, and writes code to achieve a given goal. Devika has a security vulnerability that stems from allowing external control over...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.6275
Exploits: 1 | References: 3

RedHat Linux
added 2024/06/10 6:41 p.m. | 2 views

aiohttp: XSS on index pages for static file handling

A flaw was found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. When using "web.static(..., show_index=True)", the resulting index pages do not escape file names. If users can upload files with arbitrary filenames to the static directory, the server is vulnerable to...

CVSS: 6.1 | AI score: 5.6 | EPSS: 0.00709
Exploits: 0 | References: 4

CVE
added 2024/05/23 12:1 p.m. | 100 views

CVE-2024-34060

CVE-2024-34060 affects IrisEVTXModule, an interface plugin used with Evtx2Splunk and Iris to ingest Microsoft EVTX logs via the iris-web pipeline. The vulnerability arises from unsafe handling of EVTX filenames during upload, enabling Arbitrary File Write and potentially remote code execution (RC...

CVSS: 8.8 | AI score: 9.2 | EPSS: 0.02437
Exploits: 0 | References: 2

NVD
added 2024/05/14 3:39 p.m. | 9 views

CVE-2024-35205

The WPS Office aka cn.wps.moffice_eng application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aimi...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.01525
Exploits: 0 | References: 1

Vulnrichment
added 2024/05/13 12:34 a.m. | 11 views

CVE-2024-35205

The WPS Office aka cn.wps.moffice_eng application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aimi...

AI score: 7.2 | EPSS: 0.01525
Exploits: 0 | References: 1

CVE
added 2024/05/13 12:34 a.m. | 103 views

CVE-2024-35205

The CVE-2024-35205 entry concerns WPS Office for Android (cn.wps.moffice_eng) before 17.0.0. The root cause is improper sanitization of filenames before external-application interactions, enabling a path traversal that could allow a crafted library file to overwrite a native library used by WPS O...

CVSS: 7.8 | AI score: 7 | EPSS: 0.01525
Exploits: 0 | References: 1

OSV
added 2024/05/05 3:15 a.m. | 3 views

DEBIAN-CVE-2024-34490

In Maxima through 5.47.0 before 51704c, the plotting facilities make use of predictable names under /tmp. Thus, the contents may be controlled by a local attacker who can create files in advance with these names. This affects, for example, plot2d...

CVSS: 5.1 | AI score: 5.7 | EPSS: 0.0002
Exploits: 0 | References: 1

Positive Technologies
added 2024/05/02 12:0 a.m. | 3 views

PT-2024-26508 · WordPress · Wordpress Backup & Migration

Name of the Vulnerable Software and Affected Versions: WordPress Backup & Migration plugin versions up to, and including, 1.4.8 Description: The issue allows authenticated attackers with subscriber access or above to access log files maintained by the plugin due to a missing capability check on t...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.00307
Exploits: 0 | References: 4

OSV
added 2024/05/01 4:39 p.m. | 20 views

GHSA-RWFQ-V4HQ-H7FG static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names

Summary: If directory listings are enabled for a directory that an untrusted user has upload privileges for, a malicious file name like .txt will allow JavaScript code execution in the context of the web server’s domain. Details: SWS generally does not perform escaping of HTML entities on any value...

CVSS: 5.8 | AI score: 5.7 | EPSS: 0.00046
Exploits: 0 | References: 4