Lucene search
K

777 matches found

RedHat Linux
RedHat Linux
added 2018/06/26 4:40 p.m.7 views

spark: Absolute and relative pathnames allow for unintended static file disclosure

In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark...

5.3CVSS5.9AI score0.046EPSS
Exploits0References4
OSV
OSV
added 2018/06/11 9:29 p.m.2 views

CVE-2018-5118

The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is blocked by the...

5.3CVSS7.3AI score0.01578EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2018/06/07 12:0 a.m.3 views

PT-2018-16151 · 626 · 626

Name of the Vulnerable Software and Affected Versions: 626 versions all Description: The issue is related to a Path Traversal vulnerability due to the lack of validation of files, which allows a malicious user to read the content of any file with a known path. This enables a remote attacker to re...

7.5CVSS7.2AI score0.02038EPSS
Exploits1References3
NVD
NVD
added 2018/06/06 8:29 p.m.28 views

CVE-2018-1265

Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego...

7.2CVSS7AI score0.01771EPSS
Exploits0References1
OSV
OSV
added 2018/06/06 8:29 p.m.27 views

CVE-2018-1265

Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego...

7.2CVSS7.2AI score0.01771EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2018/06/05 12:0 a.m.38 views

CVE-2018-1265: Diego does not properly sanitize file paths in tar/zip files | Cloud Foundry

Severity Critical Vendor Cloud Foundry Foundation Affected Cloud Foundry Products and Versions You are using diego-release versions prior to 2.8.0 You are using cf-deployment versions prior to v1.37.0 Description Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize fil...

7.2CVSS7AI score0.01771EPSS
Exploits0
NVD
NVD
added 2018/05/02 1:29 p.m.29 views

CVE-2018-5519

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access for example, any user when licensed for Appliance Mode, this allo...

5.5CVSS5.3AI score0.01052EPSS
Exploits0References2
Prion
Prion
added 2018/05/02 1:29 p.m.19 views

Code injection

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access for example, any user when licensed for Appliance Mode, this allo...

5.5CVSS5.3AI score0.01052EPSS
Exploits0References2Affected Software13
Cvelist
Cvelist
added 2018/05/02 1:0 p.m.28 views

CVE-2018-5519

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access for example, any user when licensed for Appliance Mode, this allo...

5.3AI score0.01052EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/09 12:0 a.m.4 views

Drupal avatar_uploader arbitrary file download vulnerability

avataruploader is the module used to implement the function of uploading user images in a content management system maintained by the Drupal community. A security vulnerability exists in avataruploader version 7.x-1.0-beta8, which is caused by code in the view.php file that fails to validate user...

7.5CVSS7.1AI score0.56924EPSS
Exploits6References1
OSV
OSV
added 2018/04/04 3:29 p.m.5 views

CVE-2018-9205

Vulnerability in avataruploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path...

7.5CVSS5.8AI score0.56924EPSS
Exploits6References4
Prion
Prion
added 2018/03/14 5:29 p.m.38 views

Privilege escalation

The Desktop Bridge Virtual File System VFS in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how file paths are managed, aka "Windows Desktop Bridge VFS Elevation of Privilege Vulnerability"...

7.2CVSS7.6AI score0.0348EPSS
Exploits2References4Affected Software2
OSV
OSV
added 2018/03/01 5:29 p.m.3 views

CVE-2018-2380

SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs...

6.6CVSS5.8AI score0.29229EPSS
Exploits5References6
OSV
OSV
added 2018/01/23 12:0 a.m.1 views

UBUNTU-CVE-2018-5118

The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is blocked by the...

5.3CVSS6.8AI score0.01578EPSS
Exploits0References4
Debian
Debian
added 2018/01/11 8:51 a.m.19 views

[SECURITY] [DSA 4083-1] poco security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4083-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 11, 2018 https://www.debian.org/security/faq -...

5.8CVSS1.6AI score0.01681EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/01/08 12:0 a.m.18 views

GLSA-201801-06 : Back In Time: Command injection

The remote host is affected by the vulnerability described in GLSA-201801-06 Back In Time: Command injection Back in Time did improper escaping/quoting of file paths used as arguments to the notify-send command leading to some parts of file paths being executed as shell commands within an os.syst...

9.3CVSS7.8AI score0.01462EPSS
Exploits0References2
OSV
OSV
added 2018/01/04 4:48 p.m.4 views

MGASA-2018-0059 Updated backintime packages fix security vulnerability

backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...

9.3CVSS7.6AI score0.01462EPSS
Exploits0References3
Mageia
Mageia
added 2018/01/04 4:48 p.m.33 views

Updated backintime packages fix security vulnerability

backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...

9.3CVSS3.6AI score0.01462EPSS
Exploits0References2
Prion
Prion
added 2017/11/08 6:29 p.m.14 views

Input validation

backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...

9.3CVSS7.5AI score0.01462EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2017/11/08 6:29 p.m.13 views

CVE-2017-16667

backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...

9.3CVSS7.6AI score0.01462EPSS
Exploits0References4
Rows per page
Query Builder