The vulnerability of the Intel Endpoint Management Assistant cloud service arises from an incorrect path name limitation for the restricted access catalog. This allows attackers to escalate their privileges.

The vulnerability of the Intel Endpoint Management Assistant cloud service exists due to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

The vulnerability of the Samba file system arises from an incorrect limitation on the path to the restricted access directory. This allows a malicious user to gain access to files and directories beyond the SMB network paths.

The vulnerability of the Samba file system exists due to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to files and directories beyond the boundaries of the SMB network...

The vulnerability of the spring-cloud-config-server module of the Spring Cloud Config server allows a attacker to gain access to protected information.

The vulnerability of the spring-cloud-config-server module in the Spring Cloud Config server exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to protected informatio...

PT-2020-6144 · Icinga +1 · Icinga Web 2 +1

Name of the Vulnerable Software and Affected Versions: Icinga Web2 versions 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 are not accurate representations, as the issue is fixed in these versions. Icinga Web2 versions prior to 2.6.4, prior to 2.7.4, and prior to 2.8.2 Description: The issue allows an...

The vulnerability of the archiving utility in the Cisco Data Center Network Manager system allows a hacker to increase their privileges.

The vulnerability of the archiving utility of the Cisco Data Center Network Manager system is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to increase their privileges through a specially created...

The vulnerability in the PluginServlet.java function of the Openfire XMPP server allows a hacker to compromise the confidentiality of protected information.

The vulnerability in the PluginServlet.java function of the XMPP server Openfire exists due to an incorrect path limitation for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality of the protected information...

The vulnerability of the fly-fm file manager arises due to an incorrect path name limitation for the restricted access catalog. This allows a malicious actor to gain unauthorized access to confidential data.

The vulnerability of the fly-fm file manager exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to confidential data...

Python has an unspecified vulnerability

Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python version 3.8.4, which stems from the program's failure to enforc...

The vulnerability of the EPUB Sigil software for editing e-books lies in the incorrect path limitation for accessing the restricted catalog. This allows attackers to write arbitrary files into any directory they choose.

The vulnerability of EPUB format electronic book editing software like Sigil exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to write arbitrary files to any directory...

The vulnerability of the CLI component of Cisco Enterprise NFV Infrastructure Software allows a attacker to gain access to the basic operating system and rewrite or read any files they desire.

The vulnerability of the CLI component of Cisco Enterprise NFV Infrastructure Software exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a attacker to gain access to the underlying operating system and overwrite or read...

The vulnerability of the rpm package for operating systems Red Hat Enterprise Linux and OpenSUSE Leap allows a hacker to execute arbitrary code.

The vulnerability of the rpm package for operating systems Red Hat Enterprise Linux and OpenSUSE Leap exists due to a incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

The vulnerability in the Atlassian Confluence Server’s web server exists due to an incorrect path name limitation for the restricted access catalog. This allows a hacker to write files anywhere and execute any code.

The vulnerability of the Atlassian Confluence Server web server exists due to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability allows a malicious actor to write files to arbitrary locations and execute arbitrary code...

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system allows a hacker to re-write files in the basic file system.

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to re-write files in the...

CVE-2019-3696

A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise...

The vulnerability of the Samba package lies in the incorrect path limitation for the restricted access directory, allowing attackers to compromise the integrity and confidentiality of data.

The vulnerability of the Samba package is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to compromise the integrity and confidentiality of data...

The vulnerability of the Junos operating system arises from an incorrect path limitation for the access-limited directory. This allows attackers to gain access to files with a “world” read permission, or to delete any files with a “world” permission.

The vulnerability of the Junos operating system exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain read access to files with the "world" permission, or to delete any files...

The vulnerability of the Application Framework component of the Cisco Data Center Network Manager system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Application Framework component of the Cisco Data Center Network Manager system exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality,...