35 matches found
DEBIAN-CVE-2024-22018
A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API. As a result, malicious actors can retrieve...
DEBIAN-CVE-2023-52760
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix slab-use-after-free in gfs2qddealloc In gfs2putsuper, whether withdrawn or not, the quota should be cleaned up by gfs2quotacleanup. Otherwise, struct gfs2sbd will be freed before gfs2qddealloc rcu callback has run for a...
nodejs: improper handling of wildcards in --allow-fs-read and --allow-fs-write
A flaw was found in the Node.js Permission Model, where it is not clarified in the documentation that wildcards should only be used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/...
SUSE CVE-2017-5011
Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page...
CVE-2022-40715
An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily...
CVE-2021-36233
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows by design an authenticated attacker to read arbitrary files from the filesystem by specifying the file path...
CVE-2021-37469
In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem...
CVE-2020-27727
On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, when an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem...
Design/Logic Flaw
On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, when an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem...
CVE-2017-3209 The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem...
CVE-2018-1002150
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1...
CVE-2017-8770
CVE-2017-8770 affects the BE126 WIFI repeater (1.0). A crafted getpage parameter allows local file disclosure, enabling an attacker to read the device’s entire filesystem. Public details in connected records confirm a Local File Disclosure vulnerability with proofs of concept (e.g., LFI via getpa...
Kernel: fs: umount denial of service
The doumount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAPSYSADMIN capability for doremountsb calls that change the root filesystem to read-only, which allows local users to cause a denial of service loss of writability by making certain unshare system calls...
Cisco Prime Collaboration Provisioning Arbitrary File Download Vulnerability
Cisco Prime Collaboration is a comprehensive video and voice service assurance and management system. A security vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool allows an unauthenticated, remote attacker to download arbitrary files and read files within the...
UBUNTU-CVE-2017-5011
Google Chrome prior to 56.0.2924.76 for Windows insufficiently sanitized DevTools URLs, which allowed a remote attacker who convinced a user to install a malicious extension to read filesystem contents via a crafted HTML page...