Robustel R1510 操作系统命令注入漏洞

The Robustel R1510 is an industrial VPN router from Robustel China.The Robustel R1510 is vulnerable to an operating system command injection vulnerability, which stems from the fact that specially crafted network packets can be subject to a command injection vulnerability in the...

DEBIAN-CVE-2021-4057

Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-4057

Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-30515

Use after free in File API in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

flatCore Information Disclosure Vulnerability

flatCore is a lightweight content management system CMS based on PHP and SQLite. An information disclosure vulnerability exists in flatCore CMS prior to version 2.0.0 build 139, which stems from a local file disclosure vulnerability found in the program's docsfile acp interface's HTTP request bod...

flatCore 输入验证错误漏洞

flatCore is a lightweight content management system CMS based on PHP and SQLite. An information disclosure vulnerability exists in flatCore CMS prior to version 2.0.0 build 139, which stems from a local file disclosure vulnerability found in the program's docsfile acp interface's HTTP request bod...

Microsoft Outlook Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center. A malicious user could potentially share anonymously-accessible links to other users via email where these links are intended to b...

SAP BASIS Directory Traversal Vulnerability

SAP BASIS is a role engaged in sap system administration. Mainly responsible for sap system planning, installation, configuration, management, monitoring, maintenance, tuning, etc.. A security vulnerability exists in the ABAP File Interface in SAP BASIS that stems from the program's failure to...

CVE-2018-2367

ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...

CVE-2018-2367

ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...

Input validation

ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...

CVE-2018-2367

The CVE affects SAP BASIS ABAP File Interface (v7.00–7.02, 7.10–7.11, 7.30–7.31, 7.40, 7.50–7.52). The root cause is insufficient validation of user-provided path information, allowing directory traversal characters to propagate to the file APIs. This could enable an attacker to access arbitrary ...