Code injection

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a local, low privileged attacker to disclose hidden virtual path...

sudo-rs: Path Traversal vulnerability

Impact An issue was discovered where usernames containing the . and / characters could result in the corruption of specific files on the filesystem. As usernames are generally not limited by the characters they can contain, a username appearing to be a relative path can be constructed. For exampl...

CVE-2023-26146

All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting XSS such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered...

Advisory ROSA-SA-2023-2232

Software: firefox 102.14.0 OS: rosa-server79 packageevrstring: firefox-102.14.0-3.res7.x8664.rpm CVE-ID: CVE-2023-3417 BDU-ID: 2023-03965 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character for overriding text directio...

ROS-20230908-08

A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character to to override text direction in file names. Exploitation of the vulnerability could allow an attacker, acting remotely to conduct spoofing attacks...

Oracle Linux 7 : lftp (ELSA-2020-1045)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1045 advisory. 4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased Tenable has extracted the precedin...

CVE-2023-2453

There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘requireonce’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known...

Design/Logic Flaw

There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘requireonce’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known...

CVE-2023-2453

CVE-2023-2453 affects PHPFusion. The issue is insufficient sanitization of tainted file names directly concatenated with a path and passed to a require_once statement, allowing inclusion and execution of arbitrary .php files when the absolute path is known. The description notes there is no known...

PT-2023-4770 · Unknown · Php-Fusion

Name of the Vulnerable Software and Affected Versions: PHPFusion affected versions not specified Description: The issue is related to insufficient sanitization of tainted file names that are directly concatenated with a path and subsequently passed to a require once statement. This allows arbitra...

Medium: openssh

Issue Overview: An issue was discovered in OpenSSH 7.4 on Amazon Linux 2 and Amazon Linux 1. The fix for CVE-2019-6111 only covered cases where an absolute path is passed to scp. When a relative path is used there is no verification that the name of a file received by the client matches the file...

CVE-2023-38695 cypress-image-snapshot vulnerable to insecure snapshot file names

cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in...

Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2023-2402)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability in the Thunderbird email client exists due to incorrect processing of Unicode characters for determining the text direction in file names. This allows attackers to perform spoofing attacks.

The vulnerability of the Thunderbird email client exists due to the incorrect processing of the Unicode character, which affects the direction of text in file names. Exploiting this vulnerability allows a remote attacker to perform spam attacks...

Cross-site Scripting (XSS)

odoo is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the binary field widget which allows an attackers to inject arbitrary web script via crafted uploaded file names...

CVE-2023-28485

A stored cross-site scripting Stored XSS vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board where they have BoardAdmin access,...

Information Disclosure

francoisjacquet/rosariosis is vulnerable to Information Disclosure. The vulnerability exists due to the lack of permissions and random generation of file names for uploaded files, which allows an attacker to download files on the system...

The vulnerabilities of Mozilla Firefox, Focus for Android, Mozilla Firefox ESR, and the email client Thunderbird involve improper handling of file names that end with .desktop. This allows attackers to bypass security restrictions and execute arbitrary commands.

The vulnerability in Mozilla Firefox, Focus for Android, Mozilla Firefox ESR, and the email client Thunderbird is related to incorrect handling of file names that end with .desktop. Exploiting this vulnerability allows a remote attacker to bypass security restrictions and execute arbitrary comman...

The vulnerabilities of Mozilla Firefox, Focus for Android, Mozilla Firefox ESR, and the email client Thunderbird involve improper handling of the new line in the file name. This allows attackers to bypass security restrictions and execute arbitrary code.

The vulnerability in Mozilla Firefox, Focus for Android, Mozilla Firefox ESR, and the email client Thunderbird is related to incorrect handling of a new line in the file name. Exploiting this vulnerability allows an attacker to bypass security restrictions and execute arbitrary code...

emacs: command injection vulnerability in htmlfontify.el

A flaw was found in the Emacs package. If a file name or directory name contains shell metacharacters, arbitrary code may be executed...