Directory traversal

An issue was discovered in Grafana Cortex through 1.9.0. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Cortex will attempt to parse a rules file at that...

CVE-2021-36157

An issue was discovered in Grafana Cortex through 1.9.0. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Cortex will attempt to parse a rules file at that...

PT-2021-12081 · Github.Com/Whyrusleeping/Tar Utils +3 · Github.Com/Whyrusleeping/Tar-Utils +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by improper path sanitization, allowing archives with relative file paths to write or overwrite files outside the intended directory...

Path traversal

Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. A local unauthenticated attacker could exploit this vulnerability in order to obtain the path of files and folders...

SUSE: Security Advisory (SUSE-SU-2018:2866-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

github.com/unknwon/cae Path Traversal vulnerability

The ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide...

CVE-2021-27571

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic...

Emote Remote Mouse 访问控制错误漏洞

Remote Mouse is an application. A remote mouse. A security vulnerability exists in Emote Remote Mouse version 4.0.0.0 and earlier versions, which can be exploited by an attacker to retrieve recently used and running applications, their icons and their file paths. This information is sent in clear...

Object injection via local phar file

This is a security release. SECURITY Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLS using schemes such as ssh2 Ensure method signature consisten...

GO-2020-0035 Path traversal in github.com/yi-ge/unzip

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

GO-2020-0041 Path Traversal in github.com/unknwon/cae

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

GO-2020-0026 Arbitrary file write via archive extraction in github.com/openshift/source-to-image

Due to improper path sanitization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...

GO-2020-0042 Arbitrary File Write via Archive Extraction (Zip Slip) in github.com/sassoftware/go-rpmutils

Due to improper path sanitization, RPMs containing relative file paths can cause files to be written or overwritten outside of the target directory...

VulnCheck KEV: CVE-2018-9205

Vulnerability in avataruploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path...

USN-4770-1 glusterfs vulnerabilities

It was discovered that GlusterFS incorrectly handled network requests. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3619 It was discovered that GlusterFS incorrectly handled user permissions. An authenticated attacker...

CVE-2021-23976

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...

CVE-2020-8567

Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods...

Code injection

Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods...

CVE-2020-8567 Kubernetes Secrets Store CSI Driver plugin directory traversals

Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods...

Information Disclosure

apache tomcat is vulnerable to information disclosure. Security constraints can be bypassed to obtain and view JSP source code in certain configurations, when serving resources from a network location using the NTFS file system. The vulnerability is caused by the insufficient validation for the :...