7209 matches found
OESA-2024-1245 atril security update
Mate-document-viewer is simple document viewer. It can display and print Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS, DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard,...
OESA-2024-1249 atril security update
Mate-document-viewer is simple document viewer. It can display and print Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS, DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard,...
OESA-2024-1248 atril security update
Mate-document-viewer is simple document viewer. It can display and print Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS, DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard,...
OESA-2024-1246 atril security update
Mate-document-viewer is simple document viewer. It can display and print Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS, DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard,...
CVE-2023-42661
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
CVE-2023-42661
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
Input validation
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
CVE-2023-42661 JFrog Artifactory Improper input validation leads to arbitrary file write
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
CVE-2023-42661
JFrog Artifactory before version 7.76.2 is affected by an Arbitrary File Write vulnerability due to insufficient validation of artifacts. The issue allows an authenticated user to cause DoS or Remote Code Execution by sending a specially crafted sequence of requests. Affected product: JFrog Artif...
CVE-2023-42661 JFrog Artifactory Improper input validation leads to arbitrary file write
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
JFrog Artifactory Input Validation Error Vulnerability
JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustering and high-availability Docker registries, and provides an end-to-end automation solution for tracking artifacts from development to production. An input validation error...
BIT-PRESTASHOP-2023-39526 PrestaShopSQL manager vulnerability (potential RCE)
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds...
BIT-MLFLOW-2023-6976 Unrestricted Upload of File with Dangerous Type
This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process...
BIT-GITLAB-2024-0402 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace...
BIT-FLINK-2020-17518 Apache Flink directory traversal attack: remote file writing through the REST API
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...
PT-2024-2338 · Nessus · Nessus
Name of the Vulnerable Software and Affected Versions: Nessus affected versions not specified Description: The issue is related to a vulnerability in a Nessus plugin, which could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem locati...
GL.iNet AR300M 4.3.7 Arbitrary File Write
!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
Important: cpio
Issue Overview: cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. CVE-2015-1197 Affected Packages: cpio Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...
GL.iNet AR300M v4.3.7 Arbitrary File Read Exploit
!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
openSUSE: Security Advisory for squashfs (SUSE-SU-2023:4591-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...