3231 matches found

OSV
added 2024/12/04 5:15 a.m. | 1 view

DEBIAN-CVE-2024-54661

readline.sh in socat before 1.8.0.2 relies on the /tmp/$USER/stderr2 file...

9.8 CVSS | 6.8 AI score | 0.00778 EPSS
Exploits 0 | References 1

OSV
added 2024/12/04 5:15 a.m. | 7 views

AZL-53978 CVE-2024-54661 affecting package socat for versions less than 1.7.4.3-2

readline.sh in socat before 1.8.0.2 relies on the /tmp/$USER/stderr2 file...

9.8 CVSS | 7 AI score | 0.00778 EPSS
Exploits 0 | References 1

Ubuntu
added 2024/11/26 3:43 p.m. | 16 views

USN-7129-1: TinyGLTF vulnerability

It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...

8.8 CVSS | 8.2 AI score | 0.02809 EPSS
Exploits 1

OSV
added 2024/11/26 3:43 p.m. | 5 views

USN-7129-1 TinyGLTF vulnerability

It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code...

8.8 CVSS | 6 AI score | 0.02809 EPSS
Exploits 1 | References 2

NVD
added 2024/11/26 7:15 a.m. | 10 views

CVE-2024-10857

The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.9 via the handledownloads function due to insufficient file path validation/sanitization. This makes it possible for authenticated attackers, with...

6.5 CVSS | 0.0075 EPSS
Exploits 0 | References 2

CVE
added 2024/11/26 6:43 a.m. | 53 views

CVE-2024-10857

CVE-2024-10857 concerns the WordPress plugin Product Input Fields for WooCommerce. The vulnerability is a directory traversal flaw in the handle_downloads() function caused by insufficient file path validation/sanitization, allowing authenticated attackers with Contributor-level access and higher...

6.5 CVSS | 6.2 AI score | 0.0075 EPSS
Exploits 0 | References 2 | Affected Software 1

Github Security Blog
added 2024/11/25 9:30 a.m. | 12 views

Duplicate Advisory: Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-5545-r4hg-rj4m. This link is maintained to preserve external references. Original Description: A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file...

2.7 CVSS | 6.5 AI score | 0.00721 EPSS
Exploits 0 | References 8 | Affected Software 1

CNNVD
added 2024/11/23 12:0 a.m. | 9 views

WordPress plugin Wp Maximum Upload File Size Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...

4.3 CVSS | 7.8 AI score | 0.00598 EPSS
Exploits 0 | References 4

Japan Vulnerability Notes
added 2024/11/22 1:59 a.m. | 3 views

Multiple vulnerabilities in Edgecross Basic Software for Windows

Overview: Edgecross Basic Software for Windows provided by Edgecross Consortium contains multiple vulnerabilities listed below. Incorrect default permissions (CWE-276) - CVE-2024-4229; External control of file name or path (CWE-73) - CVE-2024-4230. Edgecross Consortium reported these vulnerabilities to...

7.8 CVSS | 7.4 AI score | 0.00218 EPSS
Exploits 0 | References 6

OSV
added 2024/11/20 5:15 p.m. | 3 views

CVE-2024-11490

A vulnerability was found in 115cms up to 20240807. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php/admin/web/set.html. The manipulation of the argument type leads to cross site scripting. The attack can be launched remotely...

6.1 CVSS | 3.6 AI score
Exploits 0 | References 3

OSV
added 2024/11/19 5:15 p.m. | 1 view

CVE-2024-52788

Tenda W9 v1.0.0.74456 was discovered to contain a hardcoded password vulnerability in /etcro/shadow, which allows attackers to log in as root...

8 CVSS | 5.8 AI score | 0.00395 EPSS
Exploits 1 | References 1

CNVD
added 2024/11/15 12:0 a.m. | 2 views

User Management System /ums-sp/admin/registered-users.php File Cross-Site Scripting Vulnerability

User Management System is a user management system. User Management System suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied data in the file /ums-sp/admin/registered-users.php, which can be exploited by an attacke...

4.8 CVSS | 6.3 AI score | 0.00388 EPSS
Exploits 1 | References 1

Tenable Nessus
added 2024/11/14 12:0 a.m. | 15 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-7109-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7109-1 advisory. Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this...

9.8 CVSS | 7.6 AI score | 0.91969 EPSS
Exploits 1 | References 26

NVD
added 2024/11/13 6:15 p.m. | 22 views

CVE-2024-43093

In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.3 CVSS | 0.00708 EPSS
Exploits 0 | References 3

CVE
added 2024/11/13 5:25 p.m. | 288 views

CVE-2024-43093

CVE-2024-43093 affects the Android Framework component ExternalStorageProvider.java, where a bypass of a file-path filter can occur due to incorrect Unicode normalization. The root issue can allow local escalation of privilege without extra execution privileges, with exploitation requiring user i...

7.3 CVSS | 7.4 AI score | 0.00708 EPSS
In wild | Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2024/11/13 5:25 p.m. | 40 views

CVE-2024-43093

In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User...

0.00708 EPSS
Exploits 0 | References 2

CVE
added 2024/11/13 2:15 p.m. | 46 views

CVE-2024-49506

CVE-2024-49506 corresponds to an insecure temporary-file creation in aeon-checks/openSUSE-related tooling. The vulnerability allows a local attacker on systems with non-default configurations to cause a denial of service or set the filesystem encryption key. Several connected sources reference ae...

7.3 CVSS | 6.3 AI score | 0.00098 EPSS
Exploits 0 | References 1

Cvelist
added 2024/11/13 2:15 p.m. | 15 views

CVE-2024-49506 Fixed temporary file path in aeon-checks allows fixing of disk encryption key

Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem...

7.3 CVSS | 0.00098 EPSS
Exploits 0 | References 1

NVD
added 2024/11/13 5:15 a.m. | 11 views

CVE-2024-11150

The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deletetmpuploadedfile function in all versions up to, and including, 16.6. This makes it possible for unauthenticated attackers to delete arbitrary files o...

9.8 CVSS | 0.01339 EPSS
Exploits 0 | References 2

GithubExploit
added 2024/11/12 8:50 p.m. | 273 views

Exploit for CVE-2024-32640

CVE-2024-32640 MySQL Blind SQL Injection Proof of Concept Thi...

9.8 CVSS | 8 AI score | 0.68593 EPSS
Exploits 3