Lucene search
K

216 matches found

BDU FSTEC
BDU FSTEC
added 2023/03/17 12:0 a.m.4 views

The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP integration platforms lies in incorrect restrictions on path names to restricted catalogs, allowing attackers to overwrite arbitrary files.

The vulnerability of SAP NetWeaver AS ABAP and SAP NetWeaver ABAP programming integration platforms is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability allows a malicious actor to re-record arbitrary files remotely...

9.6CVSS6.7AI score0.00982EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/03/15 12:0 a.m.7 views

The vulnerability of the ColdFusion software platform arises from incorrect restrictions on path names to restricted directories. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the ColdFusion software platform is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score0.45022EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/07 12:0 a.m.5 views

The vulnerability in applications for creating reports using TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS arises due to an incorrect path name limitation in the restricted directory. This allows attackers to disclose sensitive information.

The vulnerability of applications for generating reports with TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS exists due to ...

7.7CVSS7.4AI score0.48753EPSS
Exploits2References3Affected Software5
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.14 views

The vulnerability of the installed Windows operating system on HP laptops allows attackers to gain elevated privileges.

The vulnerability of the installed Windows operating system on HP laptops relates to incorrect path name restrictions for the restricted access directory. Exploiting this vulnerability can allow attackers to gain increased privileges...

7.3CVSS7.2AI score0.00407EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.39 views

SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0326-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container inspect commands...

7.5CVSS6.5AI score0.02085EPSS
Exploits3References20
BDU FSTEC
BDU FSTEC
added 2023/02/06 12:0 a.m.6 views

The vulnerability of the WEB_DisplayPage() function in D-Link’s wireless access points DAP-2020 and DAP-1360 allows a intruder to gain unauthorized access to protected information.

The vulnerability of the WEBDisplayPage function in D-Link’s wireless access points DAP-2020 and DAP-1360 is related to an incorrect limitation on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected...

4.3CVSS5.5AI score
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/01/28 12:0 a.m.2276 views

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2023:0187-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0187-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container...

7.5CVSS6.5AI score0.02085EPSS
Exploits3References20
BDU FSTEC
BDU FSTEC
added 2023/01/23 12:0 a.m.6 views

The vulnerability of Advantech R-SeeNet router microprogramming software arises due to an incorrect limitation on the path name to the restricted access catalog. This allows a hacker to delete any arbitrary files.

The vulnerability of Advantech R-SeeNet router microprogramming software exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to delete arbitrary files remotely...

6.5CVSS6.5AI score0.1398EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/01/18 12:0 a.m.5 views

The vulnerability of the C-Bus Toolkit software lies in the improper limitation of the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the C-Bus Toolkit software is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability could allow a attacker to execute arbitrary code using a specially created malware file or a specially created malicious web pag...

7.8CVSS7.7AI score0.27172EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.9 views

The vulnerability of the command-line interface of microprogramming software for Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage arises from incorrect path name restrictions related to restricted access directories. This vulnerability allows attackers to create or re-record critical files.

The vulnerability of the command-line interface of microprogramming software for Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and the centralized network management system Cisco SD-WAN vManage is related to an...

7.8CVSS7.2AI score0.00593EPSS
Exploits1References3Affected Software4
Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.36 views

SUSE SLES15 / openSUSE 15 Security Update : cni (SUSE-SU-2022:4592-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4592-1 advisory. - CVE-2021-20206: Fixed arbitrary path injection via type field in CNI configuration bsc1181961. Tenable has extracted the...

7.2CVSS6.8AI score0.01525EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/11/23 12:0 a.m.29 views

SUSE SLES15 Security Update : cni (SUSE-SU-2022:4150-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4150-1 advisory. - CVE-2021-20206: Fixed arbitrary path injection via type field in CNI configuration bsc1181961. Tenable has extracted the preceding...

7.2CVSS6.8AI score0.01525EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.14 views

The vulnerability of the Moxa MXView network control software lies in the improper restriction of the path name to the restricted access directory. This allows a violator to gain read, modify, or delete access to files.

The vulnerability of the Moxa MXView network control software relates to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to files...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/20 12:0 a.m.19 views

The vulnerability of the Moxa MXView network control software lies in its lack of functionality for checking the path name of the restricted access directory. This allows a violator to execute arbitrary code.

The vulnerability of the Moxa MXView network control software is related to deficiencies in checking the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS5.9AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/20 12:0 a.m.69 views

SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2022:3655-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3655-1 advisory. Buildah was updated to version 1.27.1: - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to...

9.3CVSS7AI score0.02603EPSS
Exploits2References10
BDU FSTEC
BDU FSTEC
added 2022/10/18 12:0 a.m.6 views

The vulnerability of the SAP Manufacturing Execution system lies in the incorrect restriction of the path name to the restricted catalog, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the SAP Manufacturing Execution system is related to incorrect restrictions on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.0643EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/12 12:0 a.m.7 views

The vulnerability of the backup and recovery functions of Microsoft File Systems for the IBM Spectrum Protect Plus data protection software allows a perpetrator to disclose protected information.

The vulnerability of the backup and recovery functions of Microsoft’s file systems in the IBM Spectrum Protect Plus data protection platform is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability could allow a malicious actor to...

5.9CVSS6.5AI score0.01633EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/04 12:0 a.m.6 views

The vulnerability of the Keybase open-source keyring client for Windows allows a hacker to execute arbitrary code.

The vulnerability of Keybase’s open-source keyring for Windows relates to an incorrect limitation on the path name of the restricted access directory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.2CVSS8.1AI score0.01338EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/31 12:0 a.m.7 views

The vulnerability of microprogrammed network device software from Zyxel models USG FLEX 100(W), USG FLEX 200, USG FLEX 500, USG FLEX 700, USG FLEX 50(W), USG20(W)-VPN, ATP, VPN, USG/ZyWALL arises due to incorrect path name restrictions in the access-controlled catalog. This allows attackers to disclose sensitive information.

The vulnerability of microprogrammed network devices such as Zyxel USG FLEX 100W, USG FLEX 200, USG FLEX 500, USG FLEX 700, USG FLEX 50W, USG20W-VPN, ATP, VPN, USG/ZyWALL exists due to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability can allow a...

6.8CVSS6.8AI score0.00983EPSS
Exploits0References3Affected Software8
BDU FSTEC
BDU FSTEC
added 2022/07/29 12:0 a.m.7 views

The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a malicious individual to read or write arbitrary files within the system.

The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to remotely read or write arbitrary files in the system by sending a specially crafted HTTP reques...

8CVSS7.2AI score0.01414EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder