1500 matches found
Hitachi JP1/Extensible SNMP Agent Security Vulnerability
Hitachi JP1/Extensible SNMP Agent is an agent program from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi JP1/Extensible SNMP Agent that stems from incorrect default permissions and allows attackers to perform arbitrary file operations...
CVE-2024-38629
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of fileida fileida is allocated during cdev open and is freed accordingly during cdev release. This sequence is guaranteed by driver file operations. Therefore, there is no need to...
CVE-2024-38629 dmaengine: idxd: Avoid unnecessary destruction of file_ida
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Avoid unnecessary destruction of fileida fileida is allocated during cdev open and is freed accordingly during cdev release. This sequence is guaranteed by driver file operations. Therefore, there is no need to...
CVE-2024-2003
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine...
CVE-2024-2003 Local Privilege Escalation in Quarantine of ESET products for Windows
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine...
CVE-2024-2003 Local Privilege Escalation in Quarantine of ESET products for Windows
Local privilege escalation vulnerability allowed an attacker to misuse ESET's file operations during a restore operation from quarantine...
Multiple ESET products Security breaches
ESET Server Security and others are products of ESET Slovakia.ESET Server Security is an It solution.ESET File Security is an integrated solution designed for Microsoft Windows Server environments.ESET Mail ESET Mail Security is an email security solution. A security vulnerability exists in...
Phoenix Contact CHARX SEC-3100 charx_pack_logs Improper Input Validation Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 charging controllers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific fla...
Toshiba e-STUDIO2518A unzip Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Toshiba e-STUDIO2518A printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the unzip method. The issue results from the lack of proper...
PaperCut NG generateNextFileName Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw exists within the generateNextFileName method. The issue results from the lack of proper validation of a...
CVE-2024-5505
CVE-2024-5505 concerns the NETGEAR ProSAFE Network Management System, where the UpLoadServlet contains a directory traversal flaw that lacks proper validation of a user-supplied path in file operations. This leads to remote code execution with SYSTEM privileges. Exploitation is described as requi...
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The specific flaw exists within the UpLoadServlet class. The issue results from the lack of proper...
LAquis SCADA LGX Report TextFile Open Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...
LAquis SCADA LGX Report Processing AddComboFile Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...
LAquis SCADA LGX Report File Open Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...
LAquis SCADA LGX Report TextFile OpenWithoutMemory Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...
LAquis SCADA LGX Report STRING WRITETOFILE Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...
LAquis SCADA LGX Report STRING READFROMFILE Path Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2024-28064
Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations with displayLoginChunkedImages and write operations with storeLoginChunkedImages...
RHEL 6 : glib2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - glib2: filecopyfallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a...