PT-2024-20756 · Collabora · Collabora Online

Name of the Vulnerable Software and Affected Versions: Collabora Online versions prior to 21.11.10 Collabora Online versions prior to 22.05.22 Collabora Online versions prior to 23.05.9 Description: Collabora Online is a collaborative online office suite based on LibreOffice technology. Each...

ZKTeco ZKBio Media Security Breach

ZKTeco ZKBio Media is a digital signage platform that integrates video playback, pictures, audio and other multimedia information from ZKTeco China, providing information distribution solutions based on "visual presentation". A security vulnerability exists in ZKTeco ZKBio Media version...

CVE-2023-46171

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to view sensitive log information after enumerating filenames. IBM X-Force ID: 269408...

IBM DS8900F HMC 信息泄露漏洞

The IBM DS8900F HMC is an enterprise-class disk storage system from International Business Machines IBM for storing and managing large-scale enterprise data. An information disclosure vulnerability exists in the IBM DS8900F HMC, which can be exploited by an attacker to read arbitrary files after...

Remote Code Execution by uploading a phar file using frontmatter

Summary - Due to insufficient permission verification, user who can write a page use frontmatter feature. - Inadequate File Name Validation Details 1. Insufficient Permission Verification In Grav CMS, "Frontmatter" refers to the metadata block located at the top of a Markdown file. Frontmatter...

BIT-ROUNDCUBE-2021-44025

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message...

BIT-DRUPAL-2020-28949

ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite files can still succeed...

USN-6678-1 libgit2 vulnerabilities

It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.0...

CVE-2024-25832

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...

CVE-2024-25832

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...

GHSA-GP6M-FQ6H-CJCX Magento LTS vulnerable to stored XSS in admin file form

Summary OpenMage is affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Details MageAdminhtmlBlockSystemConfigFormFieldFile does not escape filename value in certain situations. Same...

Magento LTS vulnerable to stored XSS in admin file form

Summary OpenMage is affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Details MageAdminhtmlBlockSystemConfigFormFieldFile does not escape filename value in certain situations. Same...

CVE-2023-52468

In the Linux kernel, the following vulnerability has been resolved: class: fix use-after-free in classregister The lockclasskey is still registered and can be found in lockkeyshash hlist after subsysprivate is freed in error handler path.A task who iterate over the lockkeyshash later may cause...

CVE-2023-49959

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/startupdate...

CVE-2023-49959

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/startupdate...

Path traversal

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the /upload endpoint...

Command injection

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root privileges via a crafted filename parameter in POST requests to the /api/updater/ctrl/startupdate...

CVE-2023-49960

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a path traversal vulnerability in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the /upload endpoint...

PT-2024-13842 · Indo Sol · Indo-Sol Profinet-Inspektor Nt

Name of the Vulnerable Software and Affected Versions: Indo-Sol PROFINET-INspektor NT versions 2.4.0 and earlier Description: A path traversal issue in the httpuploadd service of the firmware allows remote attackers to write to arbitrary files via a crafted filename parameter in requests to the...

PT-2024-1850

Name of the Vulnerable Software and Affected Versions FontForge versions through 20230101 Description The issue exists due to the lack of neutralization of special elements in the software. This can allow an attacker to execute arbitrary commands via crafted filenames. The estimated number of...