218 matches found
The vulnerability of microprogrammed network device software from Zyxel models USG FLEX 100(W), USG FLEX 200, USG FLEX 500, USG FLEX 700, USG FLEX 50(W), USG20(W)-VPN, ATP, VPN, USG/ZyWALL arises due to incorrect path name restrictions in the access-controlled catalog. This allows attackers to disclose sensitive information.
The vulnerability of microprogrammed network devices such as Zyxel USG FLEX 100W, USG FLEX 200, USG FLEX 500, USG FLEX 700, USG FLEX 50W, USG20W-VPN, ATP, VPN, USG/ZyWALL exists due to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability can allow a...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a malicious individual to read or write arbitrary files within the system.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to remotely read or write arbitrary files in the system by sending a specially crafted HTTP reques...
The vulnerability of the Cisco IOX software platform arises from an incorrect limitation on the path name to the restricted access catalog, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Intel® Management Engine driver, related to incorrect path name restrictions for restricted access directories, allows a hacker to execute arbitrary code.
The vulnerability of the Intel® Management Engine is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability lies in the implementation of the --no-clobber and --remove-on-error options in the cURL command-line utility, which allow a malicious user to delete any files they desire.
The vulnerability of the --no-clobber and --remove-on-error command-line utilities of cURL is related to the use of incorrect path names. Exploiting this vulnerability could allow a remote attacker to delete any files they desire...
The vulnerability in Node.js’s Node-tar module for processing tar archives stems from a flaw in the pathname limitation of the directory handling mechanism. This allows attackers to create, overwrite arbitrary files, and execute arbitrary code.
The vulnerability of the Node.js module for processing tar archives with the Node-tar package is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability allows an attacker to create, overwrite arbitrary files, and execute arbitrary code using a specially...
The vulnerability of the print spooler daemon in Windows operating systems allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the Windows Print Spooler in operating systems related to Windows printing is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected...
The vulnerability of the networkd-dispatcher component, which manages connection states in Linux operating systems, and is part of the Systemd subsystem responsible for service initialization and management, allows a malicious actor to escalate their privileges or execute arbitrary code.
The vulnerability of the networkd-dispatcher component, which manages connection states and initializes services within Systemd on Linux operating systems, exists due to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow an attacker to...
The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the file loading process...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), arises due to an incorrect restriction on the name of the path to the restricted access catalog. This allows a intruder to execute arbitrary code.
The vulnerability of the Interactive Graphical SCADA System IGSS exists due to an incorrect restriction on the name of the path to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created...
CVE-2022-26500
Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows remote authenticated users access to internal API functions that allows attackers to upload and execute arbitrary code...
The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), arises due to an incorrect restriction on the name of the path to the restricted access catalog. This allows a intruder to execute arbitrary code.
The vulnerability of the Interactive Graphical SCADA System IGSS exists due to an incorrect restriction on the name of the path to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using a specially created...
The vulnerability of the IBM Planning Analytics and IBM Planning Analytics Workspace software lies in the incorrect limitation of the path name to the restricted access catalog, allowing a perpetrator to execute arbitrary code.
The vulnerability of IBM Planning Analytics’ software is related to incorrect restrictions on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
containernetworking/cni improper limitation of path name
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...
The vulnerability of operating systems such as iOS, iPadOS, tvOS, watchOS, and macOS arises from incorrect restrictions on path names in restricted access directories, allowing attackers to compromise the integrity of protected information.
The vulnerability of iOS, iPadOS, tvOS, watchOS, and macOS lies in improper restrictions on path names in restricted access directories. Exploiting this vulnerability can allow attackers to compromise the integrity of protected information...
The vulnerability of the sound output utility, which uses the computer’s built-in speaker to emit beeps, stems from deficiencies in path name restriction. This allows a violator to trigger a service failure.
The vulnerability of the sound output utility, which uses the computer’s built-in speaker for beeping, is related to deficiencies in path name restriction. Exploiting this vulnerability could allow a hacker to cause a service failure...
The vulnerability in the web interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager SME, Cisco Unified Communications Manager Im & Presence Service, and Cisco Unity Connection allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Web interface for controlling Cisco Unified Communications Manager, Cisco Unified Communications Manager SME, Cisco Unified Communications Manager Im & Presence Service, and Cisco Unity Connection is related to incorrect path name restrictions in the access control catalo...