Lucene search
+L

267 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.12 views

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS8.1AI score0.89829EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.13 views

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS8.1AI score0.99835EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2025/01/09 12:0 a.m.7 views

The vulnerability of the interface of the Gogs self-managed Git repository creation software allows a hacker to write arbitrary files.

The vulnerability of the Gogs self-managed Git repository creation software interface is related to improper restrictions on the path name to the restricted-access directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to write arbitrary files...

9CVSS6.1AI score0.75197EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/25 12:0 a.m.9 views

The vulnerability of the ColdFusion software platform arises from incorrect restrictions on path names to restricted directories. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the ColdFusion software platform is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.4CVSS7.7AI score0.13403EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.6 views

The vulnerability of the File Upload mechanism in the Apache Struts software framework allows a hacker to execute arbitrary code.

The vulnerability of the File Upload mechanism in the Apache Struts software platform is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, provided that a specially crafted malicious file is...

9CVSS8.4AI score0.78198EPSS
Exploits15References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.6 views

The vulnerability of the Archive Extraction Handler component in the Luigi library for the Python programming language allows a hacker to execute arbitrary code.

The vulnerability of the Archive Extraction Handler component in the Luigi library for the Python programming language is related to an incorrect limitation on the path name of the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using ...

8.6CVSS6AI score0.01096EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/09 12:0 a.m.8 views

The vulnerability of the command-line interface (CLI) of the Instant AOS-8 and AOS-10 operating systems, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the command-line interface CLI of the Instant AOS-8 and AOS-10 operating systems is related to incorrect restrictions on the path name to the restricted-access directory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized acces...

6.8CVSS8AI score0.00893EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/12/03 12:0 a.m.13 views

The vulnerability of Kanboard project management software lies in the improper limitation of the path name to the restricted access directory. This allows attackers to read and delete any files from the server.

The vulnerability of Kanboard project management software is related to incorrect restrictions on the path to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to remotely read and delete any files from the server...

9.1CVSS5.5AI score0.00845EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.5 views

The vulnerability of the Manager component in the Wowza Streaming Engine server software allows a hacker to gain access and delete directories.

The vulnerability of the Manager component in the Wowza Streaming Engine server software is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access and delete directories, provided that the target...

6.8CVSS5.5AI score0.00677EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.8 views

The vulnerability of the Manager component in the Wowza Streaming Engine server software allows a hacker to gain access to create an XML file in any directory.

The vulnerability of the Manager component in the Wowza Streaming Engine server software is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain access to the XML file in any arbitrary directory...

4CVSS5.6AI score0.00727EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.12 views

The vulnerability in the virtual learning environment Moodle, related to improper restrictions on the path name to a limited catalog, allows a intruder to gain access to confidential data.

The vulnerability in the virtual training environment Moodle is related to the local loading of files during the restoration of incorrect backup copies of modules. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential data...

7.8CVSS5.4AI score0.00638EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/11/22 12:0 a.m.11 views

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks arises from incorrect restrictions on the path name to the restricted access directory. This allows a perpetrator to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks is related to incorrect restrictions on the path name to the restricted-access directory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.17851EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.7 views

The vulnerability of the Podman software for managing and starting OCI containers arises from improper restrictions on the path name of a limited catalog. This allows a malicious actor to trigger a service failure.

The vulnerability of the Podman software for managing and starting OCI containers is related to improper restrictions on the path name of a limited catalog. Exploiting this vulnerability allows an attacker who operates remotely to trigger a service failure by using a specially created symbolic li...

6.8CVSS7AI score0.01345EPSS
Exploits0References8Affected Software8
CNNVD
CNNVD
added 2024/11/12 12:0 a.m.4 views

Fortinet FortiManager和Fortinet FortiAnalyzer 路径遍历漏洞

Fortinet FortiManager and Fortinet FortiAnalyzer are both products of Fortinet, a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains ADOM to further simplify the...

4.9CVSS6.7AI score0.00838EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/08 12:0 a.m.6 views

The vulnerability of the python38._pth file of the Python interpreter lies in its ability to ignore the restrictions specified in the python38._pth file within sys.path. This allows a malicious actor to execute arbitrary code.

The vulnerability of the python38.pth file of the Python interpreter involves ignoring the restrictions specified in the python38.pth file within sys.path. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.3AI score0.03104EPSS
Exploits0References4Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/05 12:0 a.m.15 views

The vulnerability of the OPC server WorkstationST, related to incorrect restrictions on the path name to the directory, allows a hacker to gain access to the server’s directory.

The vulnerability of the OPC server WorkstationST is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the server’s directory...

9.7CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/01 12:0 a.m.10 views

The vulnerability of the Platypus.js tooling platform, related to incorrect path name restrictions for restricted access catalogs, allows attackers to gain access to confidential data.

The vulnerability of the Platypus.js tooling platform is related to an incorrect restriction on the path name to the restricted-access catalog. Allowing this to be exploited could enable a malicious actor to gain access to confidential data...

7.7CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.10 views

The vulnerability of the experimental-permission configuration in the Node.js software platform allows a hacker to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the experimental-permission configuration in the Node.js software platform is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to...

9CVSS6.9AI score0.01817EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/10/28 12:0 a.m.6 views

The vulnerability in the web interface for managing Cisco Firepower Management Center software allows a hacker to read arbitrary files.

The vulnerability in the web interface for managing Cisco Firepower Management Center FMC software involves incorrect restrictions on the path name to the directory. Exploiting this vulnerability allows a malicious actor to read arbitrary files...

6.8CVSS5.6AI score0.00615EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/14 12:0 a.m.15 views

The vulnerability of the Passwork password manager, related to incorrect restrictions on the path to the restricted catalog, allows a intruder to gain unauthorized access to local files and directories on the server.

The vulnerability of the Passwork password manager is related to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to local files and directories on the server by manipulating URL...

8CVSS5.5AI score
Exploits0References2Affected Software1
Rows per page
Query Builder