8779 matches found
PT-2023-24595 · Minio · Minio Console
Name of the Vulnerable Software and Affected Versions: Minio Console versions prior to 0.28.0 Description: The issue allows Unicode RIGHT-TO-LEFT OVERRIDE characters to be used to mask the original filename. This can potentially lead to misleading or hidden file information. Recommendations: For...
Reflected File Download
github.com/gin-gonic/gin is vulnerable to Reflected File Download. The vulnerability exists because the FileAttachment function of context.go does not properly sanitize the filename parameter, which allows an attacker to modify the Content-Disposition header and replace the .txt file name suffix...
ctags: arbitrary command execution via a tag file with a crafted filename
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
Moderate: ctags security update
Ctags is a C programming language indexing and cross-reference tool. Security Fixes: ctags: arbitrary command execution via a tag file with a crafted filename CVE-2022-4515 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function
The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of...
GHSA-2C4M-59X9-FR2G Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function
The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Disposition header to be sent with an unexpected filename value or otherwise modify the Content-Disposition header. For example, a filename of...
PTC Vuforia Studio 授权问题漏洞
PTC Vuforia Studio is an easy-to-use, web-native tool from PTC for authoring domain and task-specific experiences. These experiences provide integrated views of digital and physical product data, dashboards, and alerts through 2D, 3D, and augmented reality. An authorization issue vulnerability...
PT-2023-22242 · Debian · Debian
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The filename parameter of the Context.FileAttachment function is not properly sanitized. A maliciously crafted filename can cause the Content-Dispositio...
emacs: ctags local command execution vulnerability
A flaw was found in Etags, the Ctags implementation of Emacs. A file with a crafted filename may result in arbitrary command execution when processed by Etags...
Remote Code Execution (RCE)
dawnsparks-node-tesseract and node-tesseract are vulnerable to Remote Code Execution RCE. Use of the exec method in tesseract.js without sanitization allows an attacker to upload and execute malicious code on the system via the image filename...
Zhongbang CRMEB 代码问题漏洞
Zhongbang CRMEB is an open source e-commerce management system from Zhongbang Networks Zhongbang in Xi'an, China. A code issue vulnerability exists in Zhongbang CRMEB version 4.6.0, which stems from an incorrect operation of the parameter filename resulting in unrestricted file uploads...
PT-2023-19466 · Unknown · Zhong Bang Crmeb
Name of the Vulnerable Software and Affected Versions: Zhong Bang CRMEB version 4.6.0 Description: A critical issue affects the videoUpload function in the file SystemAttachmentServices.php, allowing unrestricted upload through manipulation of the filename argument. This can be initiated remotely...
CVE-2022-25277
Drupal core sanitizes filenames with dangerous extensions upon upload reference: SA-CORE-2020-012 and strips leading and trailing dots from filenames to prevent uploading server configuration files reference: SA-CORE-2019-010. However, the protections for these two vulnerabilities previously did...
CVE-2022-25277
Drupal core sanitizes filenames with dangerous extensions upon upload reference: SA-CORE-2020-012 and strips leading and trailing dots from filenames to prevent uploading server configuration files reference: SA-CORE-2019-010. However, the protections for these two vulnerabilities previously did...
CVE-2022-25277
Drupal core sanitizes filenames with dangerous extensions upon upload reference: SA-CORE-2020-012 and strips leading and trailing dots from filenames to prevent uploading server configuration files reference: SA-CORE-2019-010. However, the protections for these two vulnerabilities previously did...
CVE-2022-25277
Drupal core sanitizes filenames with dangerous extensions upon upload reference: SA-CORE-2020-012 and strips leading and trailing dots from filenames to prevent uploading server configuration files reference: SA-CORE-2019-010. However, the protections for these two vulnerabilities previously did...
Debian DSA-5392-1 : thunderbird - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5392 advisory. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can...
Reflected File Download
firefox is vulnerable to Reflected File Download. The vulnerability exists when handling the filename directive in the Content-Disposition header, and the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks, potentially...
GHSA-QW69-RQJ8-6QW8 OutOfMemoryError for large multipart without filename in Eclipse Jetty
Impact Servlets with multipart support e.g. annotated with @MultipartConfig that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause OutOfMemoryError when the client sends a multipart request with a part that has a name but no filename and a very large content. This...
UBUNTU-CVE-2023-26048
Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support e.g. annotated with @MultipartConfig that call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause OutOfMemoryError when the client sends a multipart request with a part...