RustEmbed generated `get` method allows for directory traversal when reading files from disk

When running in debug mode and the debug-embed off by default feature is not enabled, the generated get method does not check that the input path is a child of the folder given. This allows attackers to read arbitrary files in the file system if they have control over the filename given. The...

UBUNTU-CVE-2021-21707

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexmlloadfile, URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the...

DEBIAN-CVE-2021-44025

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message...

CVE-2021-44025

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message...

UBUNTU-CVE-2021-44025

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message...

CVE-2021-44025

Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message...

CVE-2021-43620

An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::fromptr on a pointer to the string buffer, the string ...

CVE-2021-43620

An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::fromptr on a pointer to the string buffer, the string ...

Design/Logic Flaw

An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::fromptr on a pointer to the string buffer, the string ...

CVE-2021-43620

CVE-2021-43620 affects the fruity crate (up to 0.2.0) for Rust. The issue stems from security-relevant validation of filename extensions and the use of NSString-to-string conversion that may return partial results. Specifically, the code can call CStr::from_ptr on a pointer to the string buffer, ...

Keybase path traversal vulnerability

Keybase is a PGP technology-based social networking platform that supports end-to-end encryption.Keybase Client for Windows prior to version 5.7.0 is vulnerable to a path traversal vulnerability that stems from a networked system or product failing to properly filter special elements in a resourc...

Directory Traversal

github.com/cloudflare/cfrpki is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization of the URI filename, allowing an attacker to create a file on the disk outside the base cache folder...

Adobe RoboHelp Server Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe RoboHelp Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the RoboHelp server. When parsing the fileName parameter, the process does not properl...

TYPO3 信息泄露漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland.TYPO3 has an information disclosure vulnerability that originates from the extension's inability to protect or obfuscate the filename of uploaded files, which can be exploited by ...

CVE-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

CVE-2021-41772

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field...

CVE-2021-43403

An issue was discovered in FusionPBX before 4.5.30. The logviewer.php Log View page allows an authenticated user to choose an arbitrary filename for download i.e., not necessarily freeswitch.log in the intended directory...

Pentaho Business Analytics / Pentaho Business Server 9.1 Filename Bypass

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: = 9.1 Vulnerability Type: Bypass of Filename Extension Restrictions Solution Status: Fix Released on public GitHub repository Manufacturer Notification: June 2021 Public...

VulnCheck KEV: CVE-2020-10221

rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter...

CVE-2021-40348

Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation...