
779 matches found

RedHat Linux
added 2023/01/25 3:32 p.m. · 6 views

Mozilla: Arbitrary file read from GTK drag and drop on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged, a website could arbitrarily read a file via a call to DataTransfer.setData...

CVSS 6.5 · AI score 7.3 · EPSS 0.00641
Exploits: 0 · References: 6

Veracode
added 2023/01/25 9:12 a.m. · 16 views

Path Traversal

github.com/uber/kraken is vulnerable to Path Traversal. The vulnerability exists because the downloadHandler parameter in the server.go does not properly sanitize the relative file paths and user inputs, allowing an attacker to write arbitrary files outside the expected directory...

CVSS 7.5 · AI score 7.3 · EPSS 0.00799
Exploits: 1 · References: 2 · Affected Software: 1

Veracode
added 2023/01/24 7:19 a.m. · 14 views

Path Traversal

web-node-server is vulnerable to Path Traversal. The vulnerability is due to a lack of sanitization of relative file paths in the start function of nodeserver.js, which allows an attacker to write arbitrary files outside the expected directory...

CVSS 7.5 · AI score 7.3 · EPSS 0.00889
Exploits: 1 · References: 4 · Affected Software: 1

Positive Technologies
added 2023/01/24 12:0 a.m. · 4 views

PT-2023-19615 · Jenkins · Jenkins Visualexpert Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins visualexpert Plugin versions 1.3 and earlier

Description: The issue allows attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system, due to a lack of...

CVSS 4.3 · AI score 4.3 · EPSS 0.01187
Exploits: 0 · References: 3

Veracode
added 2023/01/16 4:30 p.m. · 16 views

Path Traversal

github.com/whyrusleeping/tar-utils is vulnerable to Path Traversal. The vulnerability exists because the elems parameter in the Sanitize function of extractor.go does not properly sanitize the relative file paths, allowing an attacker to write arbitrary files outside the expected directory...

CVSS 9.1 · AI score 8.8 · EPSS 0.01023
Exploits: 0 · References: 3 · Affected Software: 1

Veracode
added 2023/01/12 8:22 a.m. · 25 views

Remote Code Execution

git is vulnerable to Remote Code Execution (RCE). The vulnerability is due to lsfiles in lib.rb not un-escaping file paths when using eval, which allows an attacker to execute remote code...

CVSS 8 · AI score 8.2 · EPSS 0.01351
Exploits: 0 · References: 7 · Affected Software: 2

RedhatCVE
added 2023/01/03 8:4 a.m. · 26 views

CVE-2018-25046

A flaw was found in the cloudfoundry/archiver package. In affected versions of this package, archives containing relative file paths can cause files to be written or overwritten outside of the target directory due to improper path sanitization...

CVSS 9.1 · AI score 4.3 · EPSS 0.01188
Exploits: 0 · References: 6

OSV
added 2022/12/28 12:30 a.m. · 22 views

GHSA-F5C5-HMW9-V8HX Unzip vulnerable to path traversal

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 9.1 · EPSS 0.01325
Exploits: 1 · References: 6

Github Security Blog
added 2022/12/28 12:30 a.m. · 25 views

Cloud Foundry Archiver vulnerable to path traversal

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 4 · EPSS 0.01188
Exploits: 0 · References: 5 · Affected Software: 2

Github Security Blog
added 2022/12/28 12:30 a.m. · 26 views

Unzip vulnerable to path traversal

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 8.7 · EPSS 0.01325
Exploits: 1 · References: 6 · Affected Software: 1

Github Security Blog
added 2022/12/28 12:30 a.m. · 22 views

tar-utils Path Traversal vulnerability

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 8.7 · EPSS 0.01023
Exploits: 0 · References: 5 · Affected Software: 1

OSV
added 2022/12/28 12:30 a.m. · 15 views

GHSA-32QH-8VG6-9G43 Cloud Foundry Archiver vulnerable to path traversal

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 9.1 · EPSS 0.01188
Exploits: 0 · References: 5

OSV
added 2022/12/28 12:30 a.m. · 13 views

GHSA-JPF8-H7H7-3PPM tar-utils Path Traversal vulnerability

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 9.1 · EPSS 0.01023
Exploits: 0 · References: 5

NVD
added 2022/12/27 10:15 p.m. · 17 views

CVE-2020-36561

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · EPSS 0.01325
Exploits: 1 · References: 4

OSV
added 2022/12/27 10:15 p.m. · 12 views

CVE-2018-25046

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 9.1 · AI score 9.2
Exploits: 0 · References: 3

Prion
added 2022/12/27 10:15 p.m. · 16 views

Input validation

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 6.4 · AI score 9.1 · EPSS 0.01249
Exploits: 1 · References: 4 · Affected Software: 1

Prion
added 2022/12/27 10:15 p.m. · 12 views

Input validation

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 6.4 · AI score 9.1 · EPSS 0.01188
Exploits: 0 · References: 3 · Affected Software: 1

Prion
added 2022/12/27 10:15 p.m. · 15 views

Input validation

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

CVSS 6.4 · AI score 9.1 · EPSS 0.01325
Exploits: 1 · References: 4 · Affected Software: 1

Cvelist
added 2022/12/27 9:13 p.m. · 16 views

CVE-2020-36566 Path traversal in github.com/whyrusleeping/tar-utils

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

AI score 9.2 · EPSS 0.01023
Exploits: 0 · References: 3

Cvelist
added 2022/12/27 9:13 p.m. · 30 views

CVE-2020-36561 Path traversal in github.com/yi-ge/unzip

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

AI score 9.2 · EPSS 0.01325
Exploits: 1 · References: 4