CVE-2022-43983

CVE-2022-43983 affects Browsershot v3.57.2. The flaw arises because HTML content passed to Browsershot::html is not validated for file:// URLs, enabling an external attacker to remotely obtain arbitrary local files. Documented impact includes high severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I...

CVE-2022-43983 Browsershot 3.57.2 - Server Side XSS to LFR via HTML

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URL's that use the file:// protocol...

Mozilla Firefox 后置链接漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S. A backlink vulnerability exists in Mozila Firefox, which stems from an error message generated when resolving symbolic links such as file:///proc/self/fd/1, where the symbolic link resolves to a buffer containin...

ALPINE-CVE-2022-39253

Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone where the source and target of the clone...

CVE-2022-39253

Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone where the source and target of the clone...

File Protocol Spoofing

Description parse-url misinterpreting the file:// protocol when trying to match git urls. The following payload is certainly valid file protocol but is interpreted as ssh protocol. file:///etc/passwd?http://a:1:1 Proof of Concept // PoC.js const fs = require'fs'; var parseURL = require"parse-url"...

Electrum 参数注入漏洞

Electrum is an electronic bitcoin wallet. A security vulnerability exists in versions of Electrum prior to 4.2.2 that stems from paymentrequest.py allowing the use of a file protocol URL file:// in the r parameter of a payment request. On Windows, this could lead to capturing credentials via SMB...

GHSA-X43G-GJ9X-838X PhantomJS Arbitrary File Read

PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HT...

QNAP QTS / QuTS hero Buffer Overflow (QSA-21-50)

The version of QNAP QTS or QuTS hero on the remote host is affected by a heap-based buffer overflow vulnerability in devices that have Apple File Protocol AFP enabled. This allows attackers to execute arbitrary code. Note that Nessus has not tested for this issue but has instead relied only on th...

Netatalk 安全漏洞

Netatalk is open source software that provides AFP file server functionality for Classic Mac OS and macOS on Unix-like OS. A security vulnerability exists in Netatalk that originates when parsing len elements, where the process does not properly validate the length of user-supplied data before...

PartKeepr 信息泄露漏洞

PartKeepr is an inventory management software designed primarily for electronic components. a security vulnerability exists in PartKeepr, which stems from the use of a file:// URL that allows attachments to be loaded when creating parts, which can be exploited by an authenticated attacker to read...

PT-2025-37637

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's 9p protocol implementation where the reference count of a request is not properly initialized. Specifically, when a new request is allocated and...

Mozilla Firefox Security Advisory (MFSA2014-33) - Deprecated

This host is missing a security update for Mozilla Firefox. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Server-Side Request Forgery (SSRF) in chevereto/chevereto-free

Description Attackers can make the server perform arbitrary requests to internal IPs as well as use the file:/// protocol to disclose internal image data. Proof of Concept 1: Create a valid image file on the server /path/to/index.png 2: Choose add Image URLs and use a valid URL and click OK. Then...

Unpatched High-Severity Vulnerability Affects Apple macOS Computers

Cybersecurity researchers on Tuesday disclosed details of an unpatched zero-day vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines. "A vulnerability in macOS Finder allows files whose extension is inetloc to...

Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2015-7488)

Summary There is a vulnerability in IBM Spectrum Scale packaged with IBM Spectrum Scale RAID for the Elastic Storage Server and the GPFS Storage Server. Vulnerability Details CVEID: CVE-2015-7488 DESCRIPTION: IBM Spectrum Scale could allow a local, unprivileged user or a user with network access ...

Server-Side Request Forgery (SSRF)

plone.app.event is vulnerable to server-side request forgery SSRF. An attacker with the Manager access is able to submit requests on behalf of the server via the calendar import settings using file://...

The vulnerability in the implementation of the Windows SMB network protocol allows attackers to gain access to protected information.

The vulnerability of the Windows SMB network protocol implementation in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain access to protected information remotely...

CVE-2020-7790

This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include arbitrary files in the resultant PDF...

CVE-2020-7790

CVE-2020-7790 affects spatie/browsershot (v0.0.0 range) where specifying a file:// URL can cause arbitrary files to be included in the resulting PDF, indicating a local-file inclusion in the rendering path. Root cause: unsanitized handling of file:// URLs enabling access to arbitrary filesystem p...