70 matches found
CVE-2024-25965
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service...
GHSA-9F8C-PFVV-P4GM Buffer Overflow in gitea
Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...
CVE-2024-31492
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2024-31492
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2024-25123
MSS Mission Support System is an open source package designed for planning atmospheric research flights. In file: index.py, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different resources. The filena...
CVE-2023-38695
cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in...
Design/Logic Flaw
cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in...
CVE-2023-38695 cypress-image-snapshot vulnerable to insecure snapshot file names
cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in...
GHSA-VXJG-HCHX-CC4G @simonsmith/cypress-image-snapshothas fix for insecure snapshot file names
Impact It's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. Example: js cy.get'h1'.matchImageSnapshot'../../../ignore-relative-dirs' The above will create an ignore-relative-dirs.png three levels ...
CVE-2023-32985
Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
PT-2023-24118 · Jenkins · Jenkins Sidebar Link Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Sidebar Link Plugin versions 2.2.1 and earlier Description: The issue allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. This is due to th...
CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...
Design/Logic Flaw
Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the name of files in methods implementing form validation, allowing attackers with Item/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-24241
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp...
CVE-2022-28058
Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...
Design/Logic Flaw
Gradio is an open source framework for building interactive machine learning models and demos. In versions prior to 2.5.0 there is a vulnerability that affects anyone who creates and publicly shares Gradio interfaces. File paths are not restricted and users who receive a Gradio link can access an...
GHSA-43G8-79X3-J898 Unrestricted access to predictable file paths in hov/jobfair
An issue was discovered in the jobfair aka Job Fair extension before 1.0.13 and 2.x before 2.0.2 for TYPO3. The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the filename of uploaded...
CVE-2021-23407
This affects the package elFinder.Net.Core from 0 and before 1.2.4. The user-controlled file name is not properly sanitized before it is used to create a file system path...
The vulnerability of the module for creating and saving structured information about company departments in the “LOCMAN Reference Guide for Structural Departments” system, which manages engineering data and the product lifecycle of LOCMAN:PLM, arises from the possibility of unlimited loading of dangerous files. This vulnerability allows attackers to execute arbitrary code.
The vulnerability of the module responsible for creating and saving structured information about company departments in the “LOCZMAN Reference Guide for Structural Departments” system, which manages engineering data and the product lifecycle of LOCZMAN:PLM, relates to the unlimited loading of...
Stack overflow
Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...