82 matches found
CVE-2022-22688
Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...
CVE-2022-22688
Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...
Command injection
Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...
CVE-2022-22688
Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...
PT-2022-15634 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.2.4-25556-2 Description: The issue is related to improper neutralization of special elements used in a command, allowing remote authenticated users to execute arbitrary commands via...
CVE-2022-22688
Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...
APSB21-95 : Security update available for Adobe Character Animator
Adobe has released an update for Adobe Character Animator for Windows and macOS. This update resolves critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and file service reads, privilege escalation, and application denial of service...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...
GHSA-66Q9-F7FF-MMX6 Local file inclusion vulnerability in http4s
Impact This vulnerability applies to all users of: org.http4s.server.staticcontent.FileService org.http4s.server.staticcontent.ResourceService org.http4s.server.staticcontent.WebjarService Path escaping URI normalization is applied incorrectly. Requests whose path info contain ../ or // can expos...
HomeGuard Pro 9.3.1 - Insecure Folder Permissions
HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/hg-pro/exe/HomeGuardPro-Setup.exe Version 9.3.1 Tested On:...
PT-2019-19979 · Iodine · Iodine
Name of the Vulnerable Software and Affected Versions: Iodine versions less than 0.7.33 Description: A path traversal issue in the static file service allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs. This can be achieved by drafting malicious...
Double free
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, incorrect error handling could lead to a double fre...
Arbitrary File Deletion Vulnerability in the fileservice/FileManage.asmx?op Page of the Elearning Management System of Xinwei Software
E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. The E-learning management system fileservice/FileManage.asmx?op page contains an arbitrary file deletion vulnerability that can be exploited by an attacker to delete files and folders...
mojoportal - Multiple Vulnerabilities
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' Abysssec Inc Public Advisory Title : mojoportal Multiple Remote Vulnerabilities Affected Version : mojoPortal 2-3-4-3 Discovery : www.Abysssec.com Vendor :...
Debian: Security Advisory (DSA-416)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Client Service for NetWare buffer overflow
Buffer overflow in network file srevice...
CVE-2005-0340
Integer signedness error in Apple File Service AFP Server allows remote attackers to cause a denial of service application crash via a negative UAM string length in a FPLoginExt packet...
CVE-2005-0340
Integer signedness error in Apple File Service AFP Server allows remote attackers to cause a denial of service application crash via a negative UAM string length in a FPLoginExt packet...
fsp buffer overflow and directory traversal vulnerabilities
The Debian security team reported a pair of vulnerabilities in fsp: A vulnerability was discovered in fsp, client utilities for File Service Protocol FSP, whereby a remote user could both escape from the FSP root directory CAN-2003-1022, and also overflow a fixed-length buffer to execute arbitrar...
CVE-2003-0379
Unknown vulnerability in Apple File Service AFP Server for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files...