769 matches found
CVE-2021-21686
File path filters in the agent-to-controller security subsystem of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories...
CVE-2021-21686
A link following vulnerability was found in Jenkins. The file path filters do not canonicalize paths allowing operations to follow symbolic links to directories they are not supposed to have access to. This may allow an attacker to read and write arbitrary files on the Jenkins controller file...
CVE-2021-36991
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access...
CVE-2021-36991
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access...
Gurock Testrail 7.2.0.3014 - (files.md5) Improper Access Control Vulnerability
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Reference:...
Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control
Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...
Improper access control
Improper Access Control in Gurock TestRail versions 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The...
PT-2021-22998 · Gurock · Gurock Testrail
Name of the Vulnerable Software and Affected Versions: Gurock TestRail versions prior to 7.2.0.3014 Description: The issue is related to improper access control, resulting in sensitive information exposure. A threat actor can access the "/files.md5" file on the client side of a Gurock TestRail...
IBM Sterling File Gateway 信息泄露漏洞
IBM Sterling File Gateway is a suite of file transfer software from IBM Corporation. The software integrates different file transfer activity centers and helps file-based data to be securely exchanged over the Internet.An information disclosure vulnerability exists in IBM Sterling File Gateway,...
Amazon Linux AMI : curl (ALAS-2021-1525)
The version of curl installed on the remote host is prior to 7.61.1-12.99. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1525 advisory. A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for 'issuer cert' and...
GHSA-9RJP-R58J-FXGQ Path traversal in elFinder.NetCore
This affects all versions of package elFinder.NetCore. The Path.Combine... method is used to create an absolute file path. Due to missing sanitation of the user input and a missing check of the generated path its possible to escape the Files directory via path traversal...
Reg1c1de - Registry Permission Scanner For Finding Potential Privesc Avenues Within Registry
Reg1c1de is a tool that scans specified registry hives and reports on any keys where the user has write permissions In addition, if any registry values are found that contain file paths with certain file extensions and they are writeable, these will be reported as well. More information on this...
CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
Code injection
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead ...
Directory Traversal
github.com/cortexproject/cortex is vulnerable to Directory Traversal. An attacker can pass a malicious pathname such as ae ../../sensitive/path/in/deployment because it directly uses header value X-Scope-OrgID to construct file paths, leading to parsing of a rules file at that location and leakin...
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning
Overview The tar package has a high severity vulnerability before versions 3.2.3, 4.4.15, 5.0.7, and 6.1.2. Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths...
Directory traversal
An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that locatio...