CVE-2021-36395

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service...

CVE-2021-36395

CVE-2021-36395 affects Moodle via the file repository URL parsing, where insufficient recursion handling is the root cause that could lead to a denial-of-service. The provided sources (NVD, OSV, GHSA, CNVD, CNVD/OSV mirrors) consistently describe the issue as an uncontrolled resource consumption ...

CVE-2021-36395

In Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service...

SUSE CVE-2006-5750

Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server jbossas 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager...

SUSE CVE-2017-10961

REDCap before 7.5.1 has CSRF in the deletion feature of the File Repository and File Upload components...

Path traversal

A vulnerability classified as critical was found in hoffie larasync. This vulnerability affects unknown code of the file repository/content/filestorage.go. The manipulation leads to path traversal. The name of the patch is 776bad422f4bd4930d09491711246bbeb1be9ba5. It is recommended to apply a pat...

CVE-2022-33926

Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked...

CVE-2022-33926

Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked...

Improper access control

Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked...

CVE-2022-33926

Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked...

Design/Logic Flaw

Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...

CVE-2022-22931 Path traversal in Apache James 3.6.1

Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...

Design/Logic Flaw

The File RepositoRy Server FRS CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682...

CVE-2015-2074

The File Repository Server FRS CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681...

Design/Logic Flaw

The File Repository Server FRS CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681...

CVE-2015-2074

The File Repository Server FRS CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681...

CVE-2015-2074

The CVE-2015-2074 issue affects SAP BusinessObjects Edge 4.0: the File Repository Server (FRS) CORBA listener allows remote, unauthenticated writers to overwrite arbitrary files via a full pathname. Onapsis/SAP notes describe this vulnerability and patch SAP Note 2018681 with fixes for affected r...

K7 Computing Quick Heal Total Security Security Vulnerability

K7 Computing Total Security is a suite of antivirus software for the Windows platform from K7 Computing, USA. A security vulnerability exists in Quick Heal Total Security prior to version 19.0, which stems from a vulnerability that allows an attacker to exploit the vulnerability with local...

Artica Pandora FMS Code Issue Vulnerability (CNVD-2020-32917)

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A code issue vulnerability exists in the File Repository Manager feature in Artica Pandora FMS version 7.44. The...

CVE-2020-13855

Artica Pandora FMS 7.44 allows arbitrary file upload leading to remote command execution via the File Repository Manager feature...