3164 matches found

OSV
added 2021/05/13 10:30 p.m. | 0 views

GHSA-2RVV-W9R2-RG7M Information Disclosure in Apache Tomcat

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of...

CVSS 5.9 | AI score 7.2 | EPSS 0.61383
Exploits: 0 | References: 22
Microsoft KB
added 2021/05/11 7:0 a.m. | 131 views

Description of the security update for SharePoint Server 2019: May 11, 2021 (KB5001916)

Description of the security update for SharePoint Server 2019: May 11, 2021 KB5001916 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and a Microsoft SharePoint spoofing vulnerability and information disclosure vulnerability. To learn more...

CVSS 8.8 | AI score 7.8 | EPSS 0.40655
Exploits: 7
OSV
added 2021/05/10 6:46 p.m. | 14 views

GHSA-8P9R-F949-699G Path Traversal in browserless-chrome

This affects all versions of browserless-chrome before 1.43.0. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server...

CVSS 7.5 | AI score 7.5 | EPSS 0.00411
Exploits: 1 | References: 7
GithubExploit
added 2021/05/05 4:23 p.m. | 156 views

Exploit for Unrestricted Upload of File with Dangerous Type in Wordpress

PoC exploit for CVE-2019-8942 and CVE-2019-8943, a pair of vulne...

CVSS 8.8 | AI score 8.3 | EPSS 0.9373
Exploits: 10
OpenVAS
added 2021/05/03 12:0 a.m. | 13 views

Huawei EulerOS: Security Advisory for perl-File-Path (EulerOS-SA-2021-1829)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9 | AI score 6.1 | EPSS 0.01383
Exploits: 0 | References: 2
Tenable Nessus
added 2021/04/30 12:0 a.m. | 31 views

EulerOS 2.0 SP3 : perl-File-Path (EulerOS-SA-2021-1829)

According to the version of the perl-File-Path package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Race condition in the rmtree and removetree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on...

CVSS 5.9 | AI score 7.2 | EPSS 0.01383
Exploits: 0 | References: 2
OpenVAS
added 2021/04/19 12:0 a.m. | 8 views

SUSE: Security Advisory (SUSE-SU-2021:0449-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9 | AI score 7.2 | EPSS 0.01383
Exploits: 0 | References: 3
Zero Day Initiative
added 2021/04/15 12:0 a.m. | 53 views

Microsoft Windows Installer Service Untrusted File Path Arbitrary File Write Vulnerability

This vulnerability allows local attackers to write data to arbitrary files on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.3 | AI score 5.1 | EPSS 0.11468
Exploits: 1 | References: 1
Exploit DB
added 2021/03/29 12:0 a.m. | 222 views

Novel Boutique House-plus 3.5.1 - Arbitrary File Download

Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Date: 27/03/2021 Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerab...

AI score 7.4
Exploits: 0
0day.today
added 2021/03/29 12:0 a.m. | 20 views

Novel Boutique House-plus 3.5.1 - Arbitrary File Download Vulnerability

Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerable code:...

AI score 0.2
Exploits: 0
OSV
added 2021/03/10 6:15 p.m. | 3 views

CVE-2021-3034

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...

CVSS 5.1 | AI score 6 | EPSS 0.00029
Exploits: 0 | References: 1
CNNVD
added 2021/02/26 12:0 a.m. | 3 views

Synology DiskStation Manager Buffer Error Vulnerability

Synology DiskStation Manager (DSM) is an operating system for use on Network Storage Servers (NAS) from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. A security vulnerability exists in faad in Synology DiskStation Manager...

CVSS 7.8 | AI score 7.6 | EPSS 0.01128
Exploits: 0 | References: 3
OSV
added 2021/02/12 10:38 a.m. | 8 views

SUSE-SU-2021:0449-1 Security update for perl-File-Path

This update for perl-File-Path fixes the following issues: - Provide File::Path version 2.15 to SLE-12-SP5 jscSLE-17088, jscECO-3050 - CVE-2017-6512: fix a race condition in the File-Path module for Perl...

CVSS 5.9 | AI score 5.9 | EPSS 0.01383
Exploits: 0 | References: 2
RedhatCVE
added 2021/02/10 9:46 p.m. | 10 views

CVE-2020-26299

A potential path traversal vulnerability was found in ftp-srv in the 'path.resolve' function. It could occur on a Windows server as it allows the use of backward slash ('\') characters as separators in a file path allowing the user to move beyond the root folder defined for that user...

CVSS 9.6 | AI score 4 | EPSS 0.01004
Exploits: 1 | References: 4
NVD
added 2021/02/05 4:15 p.m. | 9 views

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVSS 7.5 | EPSS 0.00911
Exploits: 0 | References: 1
OSV
added 2021/02/05 4:15 p.m. | 15 views

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVSS 7.5 | AI score 7.2
Exploits: 0 | References: 1
UbuntuCve
added 2021/02/05 4:15 p.m. | 25 views

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVSS 7.5 | AI score 7.3 | EPSS 0.00911
Exploits: 0 | References: 2
Prion
added 2021/02/05 4:15 p.m. | 10 views

Stack overflow

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVSS 5 | AI score 7.4 | EPSS 0.00911
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/02/05 3:15 p.m. | 14 views

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

AI score 7.6 | EPSS 0.00911
Exploits: 0 | References: 1
AlpineLinux
added 2021/02/05 3:15 p.m. | 43 views

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVSS 7.5 | AI score 7.5 | EPSS 0.00911
Exploits: 0