Lucene search
K

82 matches found

OSV
OSV
added 2022/03/25 7:15 a.m.6 views

CVE-2022-22688

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

8.8CVSS7.6AI score0.01575EPSS
Exploits0References1
NVD
NVD
added 2022/03/25 7:15 a.m.29 views

CVE-2022-22688

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

8.8CVSS0.01575EPSS
Exploits0References1
Prion
Prion
added 2022/03/25 7:15 a.m.23 views

Command injection

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

6.5CVSS8.6AI score0.01575EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/25 6:55 a.m.27 views

CVE-2022-22688

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

8.8CVSS8.9AI score0.01575EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/03/25 12:0 a.m.6 views

PT-2022-15634 · Synology · Synology Diskstation Manager

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.2.4-25556-2 Description: The issue is related to improper neutralization of special elements used in a command, allowing remote authenticated users to execute arbitrary commands via...

8.8CVSS7.7AI score0.01575EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/03/21 11:16 a.m.6 views

CVE-2022-22688

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

8.8CVSS7.6AI score0.01575EPSS
Exploits0References2
Adobe
Adobe
added 2021/10/26 12:0 a.m.45 views

APSB21-95 : Security update available for Adobe Character Animator

Adobe has released an update for Adobe Character Animator for Windows and macOS. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and file service reads, privilege escalation, and application denial of service...

6.3AI score
Exploits0Affected Software1
Gitee
Gitee
added 2020/05/06 3:20 p.m.5 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...

10CVSS7.1AI score0.9981EPSS
Exploits125
OSV
OSV
added 2020/03/25 5:35 p.m.2 views

GHSA-66Q9-F7FF-MMX6 Local file inclusion vulnerability in http4s

Impact This vulnerability applies to all users of: org.http4s.server.staticcontent.FileService org.http4s.server.staticcontent.ResourceService org.http4s.server.staticcontent.WebjarService Path escaping URI normalization is applied incorrectly. Requests whose path info contain ../ or // can expos...

7.6CVSS6.9AI score0.06817EPSS
Exploits0References5
exploitpack
exploitpack
added 2020/02/14 12:0 a.m.44 views

HomeGuard Pro 9.3.1 - Insecure Folder Permissions

HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/hg-pro/exe/HomeGuardPro-Setup.exe Version 9.3.1 Tested On:...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/10/07 12:0 a.m.5 views

PT-2019-19979 · Iodine · Iodine

Name of the Vulnerable Software and Affected Versions: Iodine versions less than 0.7.33 Description: A path traversal issue in the static file service allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs. This can be achieved by drafting malicious...

7.5CVSS7.4AI score0.00914EPSS
Exploits0References13
Prion
Prion
added 2018/04/18 2:29 p.m.21 views

Double free

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, incorrect error handling could lead to a double fre...

10CVSS8.1AI score0.01252EPSS
Exploits0References2
CNVD
CNVD
added 2016/09/19 12:0 a.m.4 views

Arbitrary File Deletion Vulnerability in the fileservice/FileManage.asmx?op Page of the Elearning Management System of Xinwei Software

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. The E-learning management system fileservice/FileManage.asmx?op page contains an arbitrary file deletion vulnerability that can be exploited by an attacker to delete files and folders...

7.1AI score
Exploits0References1
Exploit DB
Exploit DB
added 2010/09/16 12:0 a.m.37 views

mojoportal - Multiple Vulnerabilities

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' Abysssec Inc Public Advisory Title : mojoportal Multiple Remote Vulnerabilities Affected Version : mojoPortal 2-3-4-3 Discovery : www.Abysssec.com Vendor :...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian: Security Advisory (DSA-416)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.04177EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/10/12 12:0 a.m.23 views

Microsoft Windows Client Service for NetWare buffer overflow

Buffer overflow in network file srevice...

3.3AI score
Exploits0References1
NVD
NVD
added 2005/05/02 4:0 a.m.22 views

CVE-2005-0340

Integer signedness error in Apple File Service AFP Server allows remote attackers to cause a denial of service application crash via a negative UAM string length in a FPLoginExt packet...

5CVSS8.3AI score0.03198EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/02/10 5:0 a.m.36 views

CVE-2005-0340

Integer signedness error in Apple File Service AFP Server allows remote attackers to cause a denial of service application crash via a negative UAM string length in a FPLoginExt packet...

8.3AI score0.03198EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2004/01/06 12:0 a.m.35 views

fsp buffer overflow and directory traversal vulnerabilities

The Debian security team reported a pair of vulnerabilities in fsp: A vulnerability was discovered in fsp, client utilities for File Service Protocol FSP, whereby a remote user could both escape from the FSP root directory CAN-2003-1022, and also overflow a fixed-length buffer to execute arbitrar...

7.5CVSS7.3AI score0.04177EPSS
Exploits0References1
NVD
NVD
added 2003/07/24 4:0 a.m.18 views

CVE-2003-0379

Unknown vulnerability in Apple File Service AFP Server for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files...

5CVSS6.4AI score0.01659EPSS
Exploits0References1
Rows per page
Query Builder