102 matches found

Positive Technologies
added 2023/10/16 12:0 a.m. · 3 views

PT-2023-9953 · WordPress · Halulu Simple-Download-Button-Shortcode Plugin

Name of the Vulnerable Software and Affected Versions: Halulu simple-download-button-shortcode Plugin version 1.0 Description: A vulnerability has been found in the Halulu simple-download-button-shortcode Plugin on WordPress. The issue affects an unknown function of the file simple-download-butto...

CVSS 7.5 · AI score 6.9 · EPSS 0.00578
Exploits 0 · References 7

Positive Technologies
added 2023/07/21 12:0 a.m. · 4 views

PT-2023-26247 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System

Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 Description: A vulnerability was found in the Chengdu Flash Flood Disaster Monitoring and Warning System. It affects some unknown functionality of the file...

CVSS 9.8 · AI score 5.7 · EPSS 0.00832
Exploits 1 · References 7

BDU FSTEC
added 2023/06/20 12:0 a.m. · 4 views

The vulnerability of the HandleFileArg function in the XML data compression tool Xmill allows an attacker to execute arbitrary code.

The vulnerability of the HandleFileArg function in the XML data compression tool Xmill is related to a memory boundary error during the processing of XML files. Exploiting this vulnerability can allow a local attacker to execute arbitrary code...

CVSS 7.8 · AI score 7.5 · EPSS 0.00333
Exploits 1 · References 6 · Affected Software 2

OSV
added 2023/06/14 9:15 a.m. · 3 views

CVE-2023-3240

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNewsdeal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and...

CVSS 6.5 · AI score 4.8 · EPSS 0.00964
Exploits 1 · References 3

SUSE CVE
added 2023/02/15 5:43 a.m. · 3 views

SUSE CVE-2012-5611

Stack-based buffer overflow in the aclget function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to...

CVSS 6.5 · AI score 7.6 · EPSS 0.24564
Exploits 2 · References 13

SUSE CVE
added 2023/02/15 3:41 a.m. · 4 views

SUSE CVE-2021-32563

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program based on the file type without user confirmation. This could be used to achieve code execution...

CVSS 9.8 · AI score 9.5 · EPSS 0.03076
Exploits 0 · References 3

Positive Technologies
added 2023/01/14 12:0 a.m. · 2 views

PT-2023-10222 · Unknown · Abreen Apollo

Name of the Vulnerable Software and Affected Versions: abreen Apollo affected versions not specified Description: A critical vulnerability was found in abreen Apollo, affecting an unknown part. The manipulation of the file argument leads to path traversal. Recommendations: To fix this issue, it i...

CVSS 8.8 · AI score 7.3 · EPSS 0.00855
Exploits 0 · References 7

OSV
added 2023/01/13 9:15 p.m. · 1 views

UBUNTU-CVE-2022-45299

An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL...

CVSS 9.8 · AI score 7.4 · EPSS 0.01349
Exploits 1 · References 3

OSV
added 2022/11/11 7:15 a.m. · 2 views

CVE-2022-3939

A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by this issue is some unknown functionality of the file apis/public/file.go of the component API. The manipulation of the argument file leads to path traversal. The attack may be launched remotely...

CVSS 9.8 · AI score 5.4 · EPSS 0.00558
Exploits 0 · References 1

NVD
added 2022/08/04 9:15 a.m. · 21 views

CVE-2022-2647

A vulnerability was found in jeecg-boot. It has been declared as critical. This vulnerability affects unknown code of the file /api/. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...

CVSS 9.8 · EPSS 0.00664
Exploits 0 · References 2

OSV
added 2021/05/11 5:15 a.m. · 1 views

DEBIAN-CVE-2021-32563

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program based on the file type without user confirmation. This could be used to achieve code execution...

CVSS 9.8 · AI score 8.6 · EPSS 0.03076
Exploits 0 · References 1

OSV
added 2021/05/11 5:15 a.m. · 0 views

UBUNTU-CVE-2021-32563

An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a different program based on the file type without user confirmation. This could be used to achieve code execution...

CVSS 9.8 · AI score 5.8 · EPSS 0.03076
Exploits 0 · References 7

OSV
added 2017/02/15 7:59 p.m. · 4 views

CVE-2016-8944

IBM AIX 7.1 and 7.2 allows a local user to open a file with a specially crafted argument that would crash the system. IBM APARs: IV91488, IV91487, IV91456, IV90234...

CVSS 5.5 · AI score 5.8 · EPSS 0.00354
Exploits 0 · References 3

RedHat Linux
added 2009/12/23 5:33 p.m. · 4 views

java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)

Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to execute arbitrary code via a long file: URL in a...

CVSS 9.3 · AI score 6.4 · EPSS 0.73376
Exploits 11 · References 4

Prion
added 2008/01/19 12:0 a.m. · 16 views

Information disclosure

onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...

CVSS 7.2 · AI score 6.6 · EPSS 0.00333
Exploits 0 · References 8 · Affected Software 1

Cvelist
added 2008/01/18 11:0 p.m. · 24 views

CVE-2008-0368

onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...

AI score 6.2 · EPSS 0.00333
Exploits 0 · References 8

OSV
added 2008/01/17 1:0 a.m. · 7 views

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) an EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

AI score 6.8
Exploits 0 · References 11

Cvelist
added 2007/10/19 10:0 a.m. · 23 views

CVE-2003-1375

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument...

AI score 7.5 · EPSS 0.01735
Exploits 1 · References 6

NVD
added 2007/04/18 3:19 a.m. · 9 views

CVE-2007-2062

Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user-assisted remote attackers to execute arbitrary code via a long FILE argument in a CUE file...

CVSS 9.3 · AI score 8 · EPSS 0.05757
Exploits 1 · References 5

Prion
added 2007/03/24 1:19 a.m. · 12 views

Stack overflow

Stack-based buffer overflow in the filecompress function in minigzip Modules/zlib in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument...

CVSS 7.5 · AI score 8.2 · EPSS 0.04673
Exploits 1 · References 4 · Affected Software 1