PT-2024-19413 · Unknown · Anything-Llm

Name of the Vulnerable Software and Affected Versions: AnythingLLM versions prior to commit 08d33cfd8 Description: AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit...

PT-2024-19408 · Unknown · Group-Office

Name of the Vulnerable Software and Affected Versions: Group-Office versions prior to 6.8.29 Description: The issue is related to the file upload mechanism in Group-Office, allowing an attacker to execute arbitrary JavaScript code by embedding it within a file's name. For example, using a filenam...

CVE-2024-0645

Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records...

Buffer overflow

Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records...

CVE-2024-0645 Buffer Overflow Vulnerability in Explorer++

Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records...

CVE-2024-0645 Buffer Overflow Vulnerability in Explorer++

Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records...

PT-2024-15713 · Extplorer · Extplorer

Name of the Vulnerable Software and Affected Versions: Explorer++ version 1.3.5.531 Description: A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler SEH records. This issue allows for the execution of arbitrary code, potentially...

CVE-2023-6335

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

CVE-2023-6336

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

CVE-2023-6336

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

Input validation

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

Input validation

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

CVE-2023-6336

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

CVE-2023-6336

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

CVE-2023-6335

Improper Link Resolution Before File Access 'Link Following' vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7...

CVE-2023-6335

The CVE-2023-6335 issue is an Improper Link Resolution Before File Access ("Link Following") vulnerability in HYPR Workforce Access on Windows, affecting versions before 8.7. The root cause is a misresolution of file access links that allows a user-controlled filename, potentially enabling unauth...

HYPR Backlink Vulnerability

HYPR is a security application from HYPR that implements password-less security. A security vulnerability exists in HYPR Workforce Access prior to version 8.7 that stems from an incorrectly resolved file access link that allows a user to take control of a file name...

PT-2024-14933 · Hypr · Hypr Workforce Access

Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Link Resolution Before File Access, also known as 'Link Following', which allows User-Controlled Filename. This affects HYPR Workforce Access on MacO...

Fedora 38 : rubygem-httparty (2024-a5aad4eede)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a5aad4eede advisory. Fix CVE-2024-22049 httparty: multipart/form-data request vulnerable to tampering Tenable has extracted the preceding description block directly from...

TOTOLINK LR1200GB UploadFirmwareFile Function Command Injection Vulnerability

The TOTOLINK LR1200GB is a wireless dual-band 4GLTE router from China's Gion Electronics TOTOLINK that supports 2.4GHz and 5GHz dual-band networks, and is primarily used to provide mobile broadband connectivity and Wi-Fi coverage. The TOTOLINK LR1200GB suffers from a command injection vulnerabili...