Lucene search

459 matches found

Vulnrichment
added 2024/05/27 4:11 p.m. · 16 views

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

CVSS 8.3 · AI score 6.6 · EPSS 0.40124
Exploits 0 · References 3

Cvelist
added 2024/05/27 4:11 p.m. · 56 views

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

CVSS 8.3 · AI score 8.1 · EPSS 0.40124
Exploits 0 · References 3

Positive Technologies
added 2024/05/22 12:0 a.m. · 2 views

PT-2024-15572 · WordPress · Ai Chatbot

Name of the Vulnerable Software and Affected Versions: AI ChatBot plugin for WordPress versions up to, and including, 5.3.4 Description: The issue allows authenticated attackers with subscriber-level access and above to delete files from a linked OpenAI account due to a missing capability check o...

CVSS 7.7 · AI score 6.3 · EPSS 0.00153
Exploits 0 · References 7

CVE
added 2024/05/18 10:2 p.m. · 97 views

CVE-2024-28064

Kiteworks Totemomail 7.x–8.2.1 is vulnerable to directory traversal via the /responsiveUI/EnvelopeOpenServlet endpoint using the messageId parameter, enabling unauthenticated read, delete, and write operations. Root cause involves directory traversal in the EnvelopeOpenServlet handling of message...

CVSS 9.8 · AI score 7.3 · EPSS 0.01198
Exploits 0 · References 1

Vulnrichment
added 2024/05/18 10:2 p.m. · 9 views

CVE-2024-28064

Kiteworks Totemomail 7.x and 8.x before 8.3.0 allows /responsiveUI/EnvelopeOpenServlet messageId directory traversal for unauthenticated file read and delete operations with displayLoginChunkedImages and write operations with storeLoginChunkedImages...

AI score 7.1 · EPSS 0.01198
Exploits 0 · References 1

GithubExploit
added 2024/05/12 9:53 a.m. · 546 views

Exploit for CVE-2024-27460

CVE-2024-27460 - Plantronics Desktop Hub LPE Arbitrary File D...

CVSS 7.8 · AI score 7.2 · EPSS 0.2774
Exploits 4

NVD
added 2024/05/08 4:15 p.m. · 10 views

CVE-2024-24908

Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability to delete arbitrary files stored on the server filesystem...

CVSS 6.5 · AI score 6.5 · EPSS 0.01378
Exploits 0 · References 1

Vulnrichment
added 2024/05/08 3:48 p.m. · 14 views

CVE-2024-24908

Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability to delete arbitrary files stored on the server filesystem...

CVSS 6.5 · AI score 7 · EPSS 0.01378
Exploits 0 · References 1

CVE
added 2024/05/08 3:48 p.m. · 58 views

CVE-2024-24908

Dell PowerProtect DM5500 (versions 5.15.0.0 and earlier) is affected by CVE-2024-24908 through a directory/path traversal that can allow a remote attacker with high privileges to delete arbitrary files on the server filesystem. Affected component: file system handling within the DM5500 appliance....

CVSS 6.5 · AI score 6.8 · EPSS 0.01378
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/05/08 3:48 p.m. · 13 views

CVE-2024-24908

Dell PowerProtect DM5500 version 5.15.0.0 and prior contain an Arbitrary File Delete via Path Traversal vulnerability. A remote attacker with high privileges could potentially exploit this vulnerability to delete arbitrary files stored on the server filesystem...

CVSS 6.5 · AI score 6.7 · EPSS 0.01378
Exploits 0 · References 1

Tenable Nessus
added 2024/05/08 12:0 a.m. · 350 views

Veritas NetBackup Arbitrary File Delete (VTS24-001)

The Veritas NetBackup application installed on the remote Windows host is prior to 9.1.0.1, 10.0.0.1, 10.1.1, prior to 10.2.0.1, prior to 10.3.0.1 or prior to 10.4. It is, therefore, affected by an arbitrary file delete vulnerability. An issue was discovered in Veritas NetBackup before 10.4. The...

CVSS 7.7 · AI score 5.8 · EPSS 0.00042
Exploits 0 · References 7

CNNVD
added 2024/05/03 12:0 a.m. · 3 views

A10 Networks Thunder ADC Security Vulnerability

A10 Networks Thunder ADC is an application distribution/load balancer from A10 Networks that provides high performance. A10 Networks Thunder ADC has a security vulnerability that originates from failure to properly validate user-supplied paths before using them, a directory traversal and arbitrar...

CVSS 8.8 · AI score 8.3 · EPSS 0.11314
Exploits 1 · References 4

NVD
added 2024/04/30 2:15 p.m. · 6 views

CVE-2024-23773

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges...

CVSS 7.8 · AI score 6.6 · EPSS 0.00383
Exploits 0 · References 2

Vulnrichment
added 2024/04/30 12:0 a.m. · 13 views

CVE-2024-23773

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges...

AI score 7 · EPSS 0.00594
Exploits 0 · References 2

Cvelist
added 2024/04/30 12:0 a.m. · 19 views

CVE-2024-23773

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges...

AI score 6.9 · EPSS 0.00383
Exploits 0 · References 2

Packet Storm
added 2024/04/18 12:0 a.m. · 280 views

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed by a...

AI score 7.4
Exploits 0

NVD
added 2024/04/15 6:15 p.m. · 9 views

CVE-2024-22014

An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete...

CVSS 8.8 · AI score 6.8 · EPSS 0.00395
Exploits 1 · References 1

Vulnrichment
added 2024/04/15 12:0 a.m. · 18 views

CVE-2024-22014

An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete...

AI score 7.4 · EPSS 0.00395
Exploits 1 · References 1

CVE
added 2024/04/15 12:0 a.m. · 57 views

CVE-2024-22014

CVE-2024-22014 affects 360 Total Security Antivirus (Windows) up to version 11.0.0.1061. The issue enables privilege escalation via Symbolic Link Follow to Arbitrary File Delete, indicating a vulnerability in how symbolic links are resolved when deleting files. Concrete affected product/version d...

CVSS 8.8 · AI score 7.1 · EPSS 0.00395
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2024/04/15 12:0 a.m. · 12 views

CVE-2024-22014

An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete...

AI score 7.1 · EPSS 0.00395
Exploits 1 · References 1