CVE-2023-5751 CODESYS: Development system prone to DoS through exposure of resource to wrong sphere

A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere...

ArForms < 6.6 - Unauthenticated RCE

Description The plugin allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form PoC 1. Create a form with an upload input 2. As an unauthenticated user, upload an image file and intercept the request. 3...

CVE-2024-4163

The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal IGX. However, it was discovered that the process was running under root privileges. This allowed the attacker to read, write, and modify any file in the operating system by utilizing the limited shell file exe...

CVE-2024-4163 Privilege Escalation on Skylab IIoT Gateway (IGX)

The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal IGX. However, it was discovered that the process was running under root privileges. This allowed the attacker to read, write, and modify any file in the operating system by utilizing the limited shell file exe...

GHSA-2P2X-P7WJ-J5H2 PsiTransfer: File integrity violation

Summary The absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. Details Vulnerable endpoint: PATCH /files/id PoC 1. Create a file distribution. 2. Go to the...

PsiTransfer: File integrity violation

Summary The absence of restrictions on the endpoint, which is designed for uploading files, allows an attacker who received the id of a file distribution to change the files that are in this distribution. Details Vulnerable endpoint: PATCH /files/id PoC 1. Create a file distribution. 2. Go to the...

PT-2024-24088 · Unknown · Psitransfer

Name of the Vulnerable Software and Affected Versions: PsiTransfer versions prior to 2.2.0 Description: The issue arises from the absence of restrictions on the PATCH /files/id endpoint, which is designed for uploading files. This allows an attacker who has received the id of a file distribution ...

The vulnerability of the CRI-O Container Engine’s application programming interface allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the CRI-O Container Engine’s application programming interface, a software platform for managing clusters of virtual machines in Kubernetes, stems from the ability to add arbitrary strings to the /etc/passwd file using a specially created environment variable. Exploiting this...

Apache Doris 竞争条件问题漏洞

Apache Doris is a modern MPP analytic database product of the U.S. Apache Apache Foundation. Can provide sub-second queries and efficient real-time data analysis. Apache Doris has a security bypass vulnerability that stems from the use of the chmod function, which can be exploited by an attacker ...

Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

CVE-2024-27317 Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

CVE-2024-27317 Apache Pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

CVE-2024-27297

Nix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another program running on the host or another fixed-output derivation via Unix domain sockets in the abstract namespace. This allows to modify the...

Design/Logic Flaw

IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415...

CVE-2023-26282 IBM Watson CP4D Data Stores file modificiation

IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415...

CVE-2023-26282 IBM Watson CP4D Data Stores file modificiation

IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415...

CVE-2024-1683

A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services...

CVE-2024-1683 DLL Injection in Tenable Identity Exposure Secure Relay

A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for overriding of the configuration and running of new Secure Relay services...

Tenable Identity Exposure Secure Relay Operating System Command Injection Vulnerability

Tenable Identity Exposure Secure Relay is a schema for transferring Active Directory data from the network to Tenable Identity Exposure using Transport Layer Security TLS from Tenable USA. A security vulnerability exists in Tenable Identity Exposure Secure Relay versions prior to 3.59.4, which...

PT-2024-18219 · Unknown · Tie Secure Relay

Name of the Vulnerable Software and Affected Versions: TIE Secure Relay affected versions not specified Description: A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for...