K58581302: Archive_Tar vulnerabilities CVE-2020-28948 and CVE-2020-28949

Security Advisory Description CVE-2020-28948 ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28949 ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack...

K08206127: PHP vulnerability CVE-2016-4072

Security Advisory Description The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the pharanalyzepath function in ext/phar/phar.c...

K23985340: Spring Integration Zip vulnerability CVE-2018-1261

Security Advisory Description Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar, xz, war, cpio, 7z that holds path traversal filenames. So when the...

K13074505: libarchive vulnerability CVE-2016-8687

Security Advisory Description Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename. CVE-2016-8687 Impact For BIG-IP and VIPRION platforms that ar...

K16870: logrotate vulnerability CVE-2011-1154

Security Advisory Description The shredfile function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a...

K82747025: GraphicsMagick vulnerability CVE-2016-5118

Security Advisory Description The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | pipe character at the start of a filename. CVE-2016-5118 Impact A remote attacker may be able to execute arbitrary code on the...

K55121327: GnuPG vulnerability CVE-2018-12020

Security Advisory Description mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example,...

K21230183: NTP vulnerability CVE-2015-7976

Security Advisory Description The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. CVE-2015-7976 Impact A remote user who uses the ntp...

sinatra: Reflected File Download attack

A flaw was found in Sinatra, a domain-specific language for creating web applications in Ruby. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input...

sinatra: Reflected File Download attack

A flaw was found in Sinatra, a domain-specific language for creating web applications in Ruby. An application is vulnerable to a reflected file download RFD attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input...

CVE-2021-33949

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function...

CVE-2021-33949

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function...

CVE-2021-33949

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function...

FeMiner wms 安全漏洞

FeMiner wms is a repository management system for individual developers of Chinese front-end miners FeMiner. A security vulnerability exists in FeMiner wms v1.1 that allows an attacker to execute arbitrary code via the filename parameter and exec function...

CVE-2021-33949

An issue in FeMiner WMS v1.1 allows attackers to execute arbitrary code via the filename parameter and the exec function...

Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0207)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0207 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup table...

SUSE CVE-2003-0380

Buffer overflow in atftp daemon atftpd 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long filename...

SUSE CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

SUSE CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters...

SUSE CVE-2005-0397

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...