
158 matches found

Amazon
added 2025/04/16 12:0 a.m. · 24 views

Important: php

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in nextstateval during regular expression compilation. Octal numbers larger than 0xff are not handled correctly i...

9.8 CVSS · 8.8 AI score · 0.08003 EPSS
Exploits 7
SUSE CVE
added 2025/02/14 7:6 a.m. · 5 views

SUSE CVE-2023-0568

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

7.5 CVSS · 7.2 AI score · 0.01242 EPSS
Exploits 1 · References 9
Positive Technologies
added 2025/02/11 12:0 a.m. · 5 views

PT-2025-6266 · Fortinet · Fortiportal

Name of the Vulnerable Software and Affected Versions: FortiPortal versions 7.0.0 through 7.0.11 FortiPortal versions 7.2.0 through 7.2.6 FortiPortal versions 7.4.0 through 7.4.2 Description: An Improper Resolution of Path Equivalence issue may allow a remote unauthenticated attacker to retrieve...

8.6 CVSS · 7.6 AI score · 0.01227 EPSS
Exploits 0 · References 5
RedhatCVE
added 2025/02/05 7:18 p.m. · 6 views

CVE-2022-0855

Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcsplugin prior to 0.0.4...

7.4 CVSS · 6.7 AI score · 0.00973 EPSS
Exploits 1 · References 1
OSV
added 2025/01/14 7:20 p.m. · 13 views

BIT-PHP-MIN-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

8.1 CVSS · 8.6 AI score · 0.01242 EPSS
Exploits 1 · References 3
Positive Technologies
added 2025/01/14 12:0 a.m. · 1 views

PT-2025-1216 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the MapUrlToZone component of the Windows operating system, which is associated with incorrect path equivalence resolution. This can allow a remote attacker to bypas...

8.8 CVSS · 9.3 AI score · 0.01421 EPSS
Exploits 0 · References 8
RedHat Linux
added 2024/12/11 4:20 p.m. · 3 views

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

8.1 CVSS · 7.5 AI score · 0.01242 EPSS
Exploits 1 · References 5
OpenVAS
added 2024/10/24 12:0 a.m. · 7 views

openSUSE: Security Advisory for cargo (SUSE-SU-2024:3748-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6 CVSS · 6.2 AI score · 0.00257 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2024/10/24 12:0 a.m. · 19 views

openSUSE 15 Security Update : cargo-c (SUSE-SU-2024:3748-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:3748-1 advisory. Security fixes: - CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: - Update to version 0.10.3git0.ee7d7ef: Tenable has extract...

6 CVSS · 5.5 AI score · 0.00257 EPSS
Exploits 0 · References 4
SUSE Linux
added 2024/10/23 11:33 a.m. · 1 views

Security update for cargo-c

This update for cargo-c fixes the following issues: Security fixes: CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: Update to version 0.10.3git0.ee7d7ef: Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

5.6 CVSS · 6.8 AI score · 0.00257 EPSS
Exploits 0 · References 4
OSV
added 2024/10/23 11:33 a.m. · 7 views

SUSE-SU-2024:3748-1 Security update for cargo-c

This update for cargo-c fixes the following issues: Security fixes: - CVE-2024-45405: Fixed gix-path improper path resolution bsc1230683 Other fixes: - Update to version 0.10.3git0.ee7d7ef:...

6 CVSS · 6.2 AI score · 0.00257 EPSS
Exploits 0 · References 3
CVE
added 2024/09/06 1:10 p.m. · 291 views

CVE-2024-45405

Technical details about CVE-2024-45405 are not provided in the connected documents. Public details in the initial entry describe the issue and patch, but no additional technical specifics are available here. Monitor for updates.

6 CVSS · 6.3 AI score · 0.00257 EPSS
Exploits 0 · References 3
Vulnrichment
added 2024/09/06 1:10 p.m. · 16 views

CVE-2024-45405 gix-path improperly resolves configuration path reported by Git

gix-path is a crate of the gitoxide project an implementation of git written in Rust dealing paths and their conversions. Prior to version 0.10.11, gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or...

6 CVSS · 7.1 AI score · 0.00257 EPSS
Exploits 0 · References 3
OSV
added 2024/09/06 1:10 p.m. · 19 views

CVE-2024-45405 gix-path improperly resolves configuration path reported by Git

gix-path is a crate of the gitoxide project an implementation of git written in Rust dealing paths and their conversions. Prior to version 0.10.11, gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or...

6 CVSS · 6.9 AI score · 0.00257 EPSS
Exploits 0 · References 5
Debian CVE
added 2024/09/06 1:10 p.m. · 11 views

CVE-2024-45405

gix-path is a crate of the gitoxide project an implementation of git written in Rust dealing paths and their conversions. Prior to version 0.10.11, gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or...

6 CVSS · 5.6 AI score · 0.00257 EPSS
Exploits 0
RustSec
added 2024/09/06 12:0 p.m. · 5 views

gix-path improperly resolves configuration path reported by Git

Summary gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a local attacker to inject configuration leading to code execution. Details In gixpath::env, th...

7.2 AI score
Exploits 0 · Affected Software 1
Fedora
added 2024/05/26 1:29 a.m. · 13 views

[SECURITY] Fedora 40 Update: rust-uu_readlink-0.0.23-3.fc40

readlink uutils display resolved path of PATHNAME...

7.3 AI score
Exploits 0
OSV
added 2024/03/06 11:2 a.m. · 26 views

BIT-PHP-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

8.1 CVSS · 8.6 AI score · 0.01242 EPSS
Exploits 1 · References 3
RedHat Linux
added 2024/01/24 9:59 a.m. · 3 views

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

8.1 CVSS · 7.5 AI score · 0.01242 EPSS
Exploits 1 · References 5
Veracode
added 2023/11/23 6:49 a.m. · 20 views

Heap Buffer Overflow

ibminizip-ng.so is vulnerable to Heap Buffer Overflow. The vulnerability is due to the mzpathresolve function in mzos.c because there is no boundary checking during the backward search for slashes in the path resolution function. This allows an attacker to craft a file with a specially structured...

8.8 CVSS · 7.6 AI score · 0.0093 EPSS
Exploits 1 · References 2 · Affected Software 1