267 matches found
The vulnerability of the Bluetooth module of the EMUI operating system of HarmonyOS allows a perpetrator to compromise the confidentiality of protected information.
The vulnerability of the Bluetooth module of the EMUI operating system of HarmonyOS is related to improper restrictions on the path name to the directory. Exploiting this vulnerability can allow attackers to compromise the confidentiality of the protected information...
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in improper restrictions on path names to the restricted directory. This allows attackers to load arbitrary files with root privileges.
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in improper path name restrictions in the access-controlled directory. Exploiting this vulnerability allows an attacker to download...
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in improper restrictions on path names to the restricted directory. This allows attackers to load arbitrary files with root privileges.
The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network lies in improper path name restrictions for accessing the restricted directory. Exploiting this vulnerability allows a remote attacker to...
The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the incorrect limitation of the path to the restricted catalog. This allows attackers to read arbitrary files.
The vulnerability of the Magento Open Source and Adobe Commerce software platforms for developing and managing online stores is related to incorrect path name restrictions for access to restricted catalogs. Exploiting this vulnerability allows a malicious actor to remotely read arbitrary files...
PT-2024-6521 · Rockwell Automation · Rockwell Automation Pavilion8
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8 affected versions not specified Description: A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could...
The vulnerability of software for visualizing production metrics in FUJITSU Network Edgiot arises from incorrect restrictions on the path name to the restricted-access catalog, allowing attackers to influence data confidentiality.
The vulnerability of software for visualizing production metrics in FUJITSU Network Edgiot is related to incorrect restrictions on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to influence data confidentiality...
jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE
A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxyfetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller...
The vulnerability of the SCADA system MasterSCADA 4D arises from incorrect restrictions on the path to the restricted access catalog. This allows intruders to read and write arbitrary files and execute arbitrary commands.
The vulnerability of the SCADA system MasterSCADA 4D is related to an incorrect restriction on the path to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files, as well as execute arbitrary commands...
The vulnerability of the deleteTransferFile method in the SolarWinds Access Rights Manager software allows a perpetrator to gain access to read, modify, or delete data, thereby increasing their privileges.
The vulnerability of the deleteTransferFile method in the SolarWinds Access Rights Manager software relates to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data, thereby...
The vulnerability of the deleteTransferFile method in the SolarWinds Access Rights Manager software allows a perpetrator to gain access to read, modify, or delete data.
The vulnerability of the deleteTransferFile method in the SolarWinds Access Rights Manager software relates to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...
The vulnerability of Reposilite repository management software lies in the improper limitation of the path to the restricted access catalog, allowing attackers to execute arbitrary code.
The vulnerability of the Reposilite repository management software is related to incorrect restrictions on the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created package...
The vulnerability of the PAM system for JumpServer is related to incorrect restrictions on the path name to the restricted directory. This allows a intruder to gain unauthorized access to read any files in the Celery container.
The vulnerability of the PAM system for privileged access control in JumpServer is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized read access to arbitrary files i...
The vulnerability of the ExpandZipFile method in the SolarWinds Access Rights Manager software allows a intruder to execute arbitrary code.
The vulnerability of the ExpandZipFile method in the SolarWinds Access Rights Manager software lies in improper restrictions on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Connect method of the SolarWinds Access Rights Manager software allows a perpetrator to execute arbitrary code.
The vulnerability of the Connect method in the SolarWinds Access Rights Manager software lies in improper restrictions on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the CreateFile method in the SolarWinds Access Rights Manager software allows a perpetrator to execute arbitrary code.
The vulnerability of the CreateFile method in the SolarWinds Access Rights Manager ARM access control software lies in improper restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the “Document Approval Service” software lies in the improper limitation of the path name to the catalog, which allows a violator to gain access to read and write local files.
The vulnerability of the “Service for Document Approval” software is related to incorrect restrictions on the path to the catalog. Exploiting this vulnerability can allow an attacker who operates remotely to gain read and write access to local files...
The vulnerability of the SolarWinds Serv-U File Server file server arises from incorrect path restrictions for the restricted access directory, allowing attackers to gain read access to files on the server.
The vulnerability of the SolarWinds Serv-U File Server file server is related to an incorrect limitation on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain read access to files on the server remotely...
WordPress plugin Ovic Importer path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
The vulnerability of the Redmine DMSF plugin, a project and task management system, arises from incorrect restrictions on the path to the restricted catalog. This allows attackers to gain read, modify, or delete access to files.
The vulnerability of the Redmine DMSF plugin, a project and task management system, is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to files...
The vulnerability of the SolarWinds Serv-U File Server file server arises from incorrect path name restrictions for the restricted access directory, allowing a hacker to execute arbitrary code.
The vulnerability of the SolarWinds Serv-U File Server file server is related to an incorrect limitation on the path to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...