7267 matches found
Wacom driver 后置链接漏洞
Wacom driver is a driver for connecting and managing platform computers. A security vulnerability exists in Wacom Driver version 6.3.46-1, which stems from an arbitrary file write vulnerability...
Arbitrary File Write
MindsDB is vulnerable to Arbitrary File Write. The vulnerability exists due to an unsafe extraction process that utilizes the shutil.unpackarchive function in fs.py which allows an attacker to write arbitrary files outside the expected directory...
MGASA-2023-0129 Updated stellarium packages fix security vulnerability
Attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal. CVE-2023-28371...
Updated stellarium packages fix security vulnerability
Attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal. CVE-2023-28371...
Debian dla-3383 : grunt - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3383 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3383-1 [email protected] https://www.debian.org/lts/security/...
CVE-2023-25356
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leverage...
CVE-2023-25356
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument Delimiters in a Command. XMPP users are able to inject arbitrary arguments into a system command, which can be used to read files from, and write files to, the sipXcom server. This can also be leverage...
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Vulnerability
Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit
Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...
Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
Summary An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip variant. Details Unpacking files using the...
GHSA-7X45-PHMR-9WQP Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location
Summary An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip variant. Details Unpacking files using the...
CVE-2022-23522 Arbitrary File Write when Extracting Tarballs retrieved from a remote location using in mindsdb
MindsDB is an open source machine learning platform. An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip...
CVE-2022-23522 Arbitrary File Write when Extracting Tarballs retrieved from a remote location using in mindsdb
MindsDB is an open source machine learning platform. An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip...
CVE-2022-37365
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs...
Revenue Collection System v1.0 - Remote Code Execution (RCE)
Exploit Title: Revenue Collection System v1.0 - Remote Code Execution RCE Exploit Author: Joe Pollock Date: November 16, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/rates.zip...
CBL Mariner 2.0 Security Update: gzip (CVE-2022-1271)
The version of gzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1271 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the...
CVE-2022-4224
CVE-2022-4224 affects CODESYS v3 in multiple versions. A remote, low-privilege attacker could read/modify system files and OS resources or cause a DoS. CVSSv3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 8.8). No concrete remediation details are provided in the supplied documents; ex...
CVE-2022-30037
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php...
XunRuiCMS 安全漏洞
XunRuiCloud Software Development XunRuiCMS XunRui CMS is an open source content management system CMS from China XunRuiCloud Software Development Company. XunRuiCMS v4.3.3 to v4.5.1 version of a security vulnerability, the vulnerability stems from the existence of PHP file write and file...
CVE-2022-30037
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php...