
406 matches found

BDU FSTEC
added 2024/10/16 12:00 a.m. · 3 views

The vulnerability of the SecureFilter component in the Ivanti Avalanche mobile device management system allows a hacker to bypass existing security restrictions.

The vulnerability of the SecureFilter component in the Ivanti Avalanche mobile device management system is related to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions...

CVSS 7.5 · AI score 7.1 · EPSS 0.01686
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2024/10/14 12:00 a.m. · 3 views

PT-2024-7979 · Nvidia · Nvidia Nemo

Name of the Vulnerable Software and Affected Versions: NVIDIA NeMo versions up to r2.0.0rc0
Description: The issue is related to the SaveRestoreConnector function in NVIDIA NeMo, which is associated with incorrect restriction of the directory path name with limited access. Exploitation of this...

CVSS 7.8 · AI score 8.3 · EPSS 0.00243
Exploits: 0 · References: 13

BDU FSTEC
added 2024/10/04 12:00 a.m. · 4 views

The vulnerability of the Ivanti Cloud Services Appliance’s network interface, related to incorrect path name restrictions for the restricted-access directory, allows a hacker to execute arbitrary code.

The vulnerability of the Ivanti Cloud Services Appliance relates to an incorrect restriction on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVSS 9.7 · AI score 8.5 · EPSS 0.98411
Exploits: 2 · References: 3

BDU FSTEC
added 2024/10/03 12:00 a.m. · 3 views

The vulnerability of the command-line interface of ArubaOS systems allows a hacker to execute arbitrary code.

The vulnerability of the command-line interface of ArubaOS systems is related to incorrect restrictions on the path name to the restricted-access directory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 · AI score 5.9 · EPSS 0.01135
Exploits: 0 · References: 6 · Affected Software: 2

CNNVD
added 2024/10/01 12:00 a.m. · 2 views

Pluck security vulnerability

Pluck is a small and simple content management system written in PHP by Pluck CMS Open Source. A security vulnerability exists in Pluck version 4.7.18, which stems from an incorrect path restriction to a restricted directory that could allow an unauthenticated attacker to extract sensitive...

CVSS 5.3 · AI score 6.7 · EPSS 0.00445
Exploits: 0 · References: 2

Positive Technologies
added 2024/09/23 12:00 a.m. · 2 views

PT-2024-9227 · 2N · 2N Access Commander

Name of the Vulnerable Software and Affected Versions: 2N Access Commander versions 3.1.1.2 and prior
Description: The issue is related to incorrect restriction of a directory path with limited access. Exploitation of this issue may allow a remote attacker to execute arbitrary code. This can be...

CVSS 9 · AI score 8.6 · EPSS 0.00934
Exploits: 0 · References: 11

BDU FSTEC
added 2024/09/23 12:00 a.m. · 2 views

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn of the Spring Framework arises from incorrect path name restrictions for restricted directories. This allows attackers to gain access to any file in the file system.

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn of the Spring Framework is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to any file in t...

CVSS 7.8 · AI score 7 · EPSS 0.14595
Exploits: 1 · References: 3 · Affected Software: 1

BDU FSTEC
added 2024/09/02 12:00 a.m. · 1 view

The vulnerability of the Calibre electronic library’s software lies in the incorrect limitation of the path name to the restricted-access directory, which allows attackers to disclose protected information.

The vulnerability of the Calibre electronic library software is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

CVSS 7.8 · AI score 5.5 · EPSS 0.60496
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2024/08/30 12:00 a.m. · 2 views

The vulnerability of the /index/ajax/lang component of the FastAdmin remote administration utility allows a hacker to expose protected information.

The vulnerability of the /index/ajax/lang component of the FastAdmin remote administration utility is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

CVSS 4.3 · AI score 5.8 · EPSS 0.16882
Exploits: 5 · References: 4 · Affected Software: 1

CNNVD
added 2024/08/28 12:00 a.m. · 2 views

Progress Software WS_FTP Server security vulnerability

Progress Software WS_FTP Server is an effective and highly manageable FTP server from Progress Software, Inc. A security vulnerability exists in Progress Software WS_FTP Server versions prior to 8.8.8 that stems from an improper restriction of pathnames...

CVSS 6.5 · AI score 6.5 · EPSS 0.00688
Exploits: 0 · References: 3

BDU FSTEC
added 2024/08/14 12:00 a.m. · 2 views

The vulnerability of the PT Application Inspector software for detecting vulnerabilities and errors arises due to an incorrect limitation on the path to the restricted-access directory. This allows attackers to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the PT Application Inspector software arises due to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability allows a malicious actor to escalate their privileges and gain unauthorized access to protected information...

CVSS 8.2 · AI score 5.5
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/07/31 12:00 a.m. · 3 views

The vulnerability of the OpenAPI Generator software for automatically generating client libraries arises from incorrect restrictions on the path name to the restricted access directory. This allows attackers to circumvent security restrictions and gain read, modify, or delete access to data.

The vulnerability of the OpenAPI Generator software for automatically generating client libraries is related to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain access to...

CVSS 8.7 · AI score 7.5 · EPSS 0.03592
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2024/07/23 12:00 a.m. · 2 views

The vulnerability of the AddReportResult method in the SolarWinds Access Rights Manager software allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the AddReportResult method in the SolarWinds Access Rights Manager ARM access control software is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

CVSS 9.6 · AI score 8 · EPSS 0.02082
Exploits: 0 · References: 6 · Affected Software: 1

BDU FSTEC
added 2024/07/23 12:00 a.m. · 1 view

The vulnerability of the SCADA system MasterSCADA 4D, related to incorrect restrictions on the path to the restricted-access directory, allows an intruder to read arbitrary files.

The vulnerability of the SCADA system MasterSCADA 4D is related to an incorrect restriction on the path to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to read arbitrary files remotely...

CVSS 8.6 · AI score 5.6
Exploits: 0 · Affected Software: 1

BDU FSTEC
added 2024/07/23 12:00 a.m. · 1 view

The vulnerability of the rspamd_maps() function in the Docker-based email server deployment and management tool, mailcow:dockerized, allows an attacker to execute arbitrary code.

The vulnerability of the rspamd_maps function in the Docker-based email server deployment and management tool, mailcow:dockerized, is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

CVSS 8.7 · AI score 6.2 · EPSS 0.27346
Exploits: 2 · References: 5 · Affected Software: 1

BDU FSTEC
added 2024/07/23 12:00 a.m. · 1 view

The vulnerability of the deleteTransferFile method in the SolarWinds Access Rights Manager software allows a perpetrator to gain access to read, modify, or delete data.

The vulnerability of the deleteTransferFile method in the SolarWinds Access Rights Manager software relates to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

CVSS 7.6 · AI score 7.6 · EPSS 0.03379
Exploits: 0 · References: 5 · Affected Software: 1

BDU FSTEC
added 2024/07/12 12:00 a.m. · 1 view

The vulnerability of the .NET Core software component “Update Services” allows a hacker to gain read access to local files.

The vulnerability of the .NET Core software “Update Services” is related to an incorrect limitation on the path to the directory. Exploiting this vulnerability could allow a malicious actor to gain read access to local files...

CVSS 5.8 · AI score 5.5
Exploits: 0 · References: 1 · Affected Software: 1

BDU FSTEC
added 2024/07/12 12:00 a.m. · 2 views

The vulnerability of the WSDL query processor in the “Update Service” software allows an attacker to gain read access to local files.

The vulnerability of the WSDL query processor in the “Update Service” software is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability could allow a malicious actor to gain read access to local files...

CVSS 5.8 · AI score 5.5
Exploits: 0 · References: 1 · Affected Software: 1

BDU FSTEC
added 2024/07/12 12:00 a.m. · 1 view

The vulnerability of the “Document Approval Service” software lies in the improper limitation of the path name to the directory, allowing a violator to gain read access to local files.

The vulnerability of the “Service for Document Approval” software is related to incorrect restrictions on the path to the directory. Exploiting this vulnerability can allow a remote attacker to gain read access to local files...

CVSS 8.6 · AI score 5.6
Exploits: 0 · References: 1 · Affected Software: 1

BDU FSTEC
added 2024/07/12 12:00 a.m. · 2 views

The vulnerability of the log loading function of the HarmonyOS AILife Audio Service platform for managing audio devices allows a malicious actor to elevate their privileges and gain access to read, modify, or delete files.

The vulnerability of the log loading function of the HarmonyOS AILife Audio Service platform relates to an incorrect limitation on the path to the restricted directory. Exploiting this vulnerability can allow a malicious actor to escalate their privileges and gain access to read, modify, or delete...

CVSS 7.3 · AI score 5.5 · EPSS 0.00266
Exploits: 0 · References: 3 · Affected Software: 2