
996 matches found

Veracode
added 2020/09/02 7:58 a.m., 20 views

Directory Traversal

github.com/u-root/u-root is vulnerable to directory traversal. A zip slip vulnerability allows an attacker to write arbitrary files on the system via a zip archive containing malicious file names with ../ characters...

CVSS 7.5, AI score 5.3, EPSS 0.00149
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2020/09/01 4:3 p.m., 15 views

GHSA-V3JV-WRF4-5845 Local Privilege Escalation in npm

Affected versions of npm use predictable temporary file names during archive unpacking. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the npm process has permission to write t...

CVSS 3.3, AI score 6.1, EPSS 0.00104
Exploits: 0, References: 11

Prion
added 2020/07/20 6:15 p.m., 16 views

Directory traversal

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...

CVSS 6.8, AI score 9.2, EPSS 0.00844
Exploits: 0, References: 6, Affected Software: 2

UbuntuCve
added 2020/07/20 6:15 p.m., 24 views

CVE-2020-15121

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current...

CVSS 9.6, AI score 7.2, EPSS 0.00844
Exploits: 0, References: 4

OpenVAS
added 2020/07/03 12:0 a.m., 14 views

Huawei EulerOS: Security Advisory for lftp (EulerOS-SA-2020-1756)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8, AI score 6.6, EPSS 0.00748
Exploits: 1, References: 2

Tenable Nessus
added 2020/07/01 12:0 a.m., 28 views

EulerOS Virtualization 3.0.6.0 : lftp (EulerOS-SA-2020-1756)

According to the version of the lftp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of...

CVSS 7.8, AI score 6, EPSS 0.00748
Exploits: 1, References: 2

CNVD
added 2020/05/26 12:0 a.m., 1 view

Fortinet FortiClient Elevation of Privilege Vulnerability (CNVD-2020-34648)

Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A security vulnerability exists in Fortinet FortiClient...

CVSS 7.8, AI score 7.1, EPSS 0.00115
Exploits: 0, References: 1

CNVD
added 2020/05/21 12:0 a.m., 7 views

Apache Tomcat Code Problem Vulnerability

Apache Tomcat is a lightweight web application server from the Apache Software Foundation (United States). The program implements support for Servlet and JavaServer Pages (JSP). A security vulnerability exists in Apache Tomcat. The vulnerability can be exploited by an attacker to execute code by...

CVSS 7, AI score 8.7, EPSS 0.93464
Exploits: 15, References: 1

Microsoft CVE
added 2020/05/12 7:0 a.m., 60 views

Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content. An attacker who successfully exploited this vulnerability could upload restricted file types to an IIS-hosted folder. To exploit this...

CVSS 9.9, AI score 3.4, EPSS 0.01366
Exploits: 0

Veracode
added 2020/04/10 1:21 a.m., 32 views

Authorization Bypass

Subversion is vulnerable to authorization bypass. The vulnerability exists in the way Subversion handled file names with newline characters when the FSFS repository format was used. An attacker with commit access to an SVN repository could corrupt a revision by committing a specially...

CVSS 5.5, AI score 3.3, EPSS 0.27105
Exploits: 0, References: 12, Affected Software: 1

Veracode
added 2020/04/10 12:24 a.m., 15 views

Cross-Site Scripting (XSS)

firefox is vulnerable to cross-site scripting. A flaw was found in the way Firefox escaped a listing of local file names. If a user could be tricked into listing a local directory containing malicious file names, arbitrary JavaScript could be run with the permissions of the user running Firefox...

CVSS 4.3, AI score 1.2, EPSS 0.02079
Exploits: 1, References: 46, Affected Software: 6

Tenable Nessus
added 2020/04/10 12:0 a.m., 20 views

CentOS 7 : lftp (RHSA-2020:1045)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1045 advisory. - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...

CVSS 7.8, AI score 6, EPSS 0.00748
Exploits: 1, References: 2

Microsoft KB
added 2020/04/09 12:0 a.m., 95 views

Microsoft Dynamics CRM 2011 Update Rollup 6

Microsoft Dynamics CRM 2011 Update Rollup 6 INTRODUCTION Update Rollup 6 for Microsoft Dynamics CRM 2011 is available. This article describes the hotfixes and the updates that are included in this update rollup. This update rollup is available for all languages that are supported by Microsoft...

AI score 6.5
Exploits: 0

RedHat Linux
added 2020/03/31 9:3 p.m., 1 view

lftp: particular remote file names may lead to current working directory erased

It has been discovered that lftp does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker-controlled FTP server, resulting in the removal of all files...

CVSS 7.8, AI score 5.8, EPSS 0.00748
Exploits: 1, References: 4

RedHat Linux
added 2020/03/31 9:3 p.m., 39 views

Moderate: Red Hat Security Advisory: lftp security update

An update for lftp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7.8, AI score 6.5, EPSS 0.00748
Exploits: 1, References: 3

Veracode
added 2020/02/25 6:40 a.m., 16 views

Directory Traversal

DNN is vulnerable to directory traversal. A zip slip vulnerability due to the lack of validation of file names in a zip file allows an attacker to write or overwrite arbitrary files on the system...

CVSS 8.8, AI score 4.9, EPSS 0.00709
Exploits: 2, References: 6, Affected Software: 1

OSV
added 2020/02/06 5:15 p.m., 2 views

CVE-2019-19800

Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet...

CVSS 5.3, AI score 6, EPSS 0.08728
Exploits: 0, References: 3

Prion
added 2020/02/06 5:15 p.m., 17 views

Design/Logic Flaw

Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet...

CVSS 5, AI score 5.3, EPSS 0.08728
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2020/02/04 8:15 p.m., 18 views

CVE-2019-15619

Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each other in a project...

CVSS 4.8, AI score 5.9
Exploits: 0, References: 4

Cvelist
added 2020/02/04 7:8 p.m., 14 views

CVE-2019-15619

Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each other in a project...

AI score 5.3, EPSS 0.0025
Exploits: 0, References: 4