51 matches found
Design/Logic Flaw
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
CVE-2020-28469 Regular Expression Denial of Service (ReDoS)
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
CVE-2020-28469
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator...
CVE-2020-28469
CVE-2020-28469 affects the glob-parent package prior to v5.1.2. The flaw arises from the enclosure-regex used to validate strings ending in an enclosure that contains a path separator. The described effect is a Regular Expression Denial of Service (ReDoS) scenario. Affected software/component: gl...
Jellyfin 任意文件读取漏洞(CVE-2021-21402)
GHSL-2021-050: Unauthenticated abritrary file read in Jellyfin - CVE-2021-21402 Jaroslav Lobacevski Coordinated Disclosure Timeline - 2021-03-19: Issue reported to maintainers. - 2021-03-22: Version 10.7.1 with fixes was released. Summary Jellyfin allows unauthenticated arbitrary file read. Produ...
USN-4167-2 samba vulnerabilities
USN-4167-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecti...
CVE-2013-1939
The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ backslash character...
fingerprint_os
This plugin fingerprints the remote web server and tries to determine the Operating System family Windows, Unix, etc.. The fingerprinting is at this moment really trivial, because it only uses one technique: windows path separator in the URL. For example, if the input URL is...
The path separator"\"with"/"in the Web of induced vulnerability-vulnerability warning-the black bar safety net
Whether is under windows the path separator""or linux"/", this is not a serious problem, but in the web of the upper surface of the opening will appear a lot of"bugs", if the web Developer did not consider this issue, then may appear very serious bug. In the VC code\ \ \is an escape character,...
The Windows File System vulnerability-a small vulnerability, big-vulnerability warning-the black bar safety net
Windows useful file to replace the command, to bypass the File Protection Used to replace file replace, even being used of the file can also be replaced. Very invincible. For example: in C:\create a directory, c:\aaa Then copy an mp3 to c:\aaa and named to the c:\aaa\a. mp3 Then copy another...
The Windows File System vulnerability-a small vulnerability, big-vulnerability warning-the black bar safety net
Windows useful file to replace the command, to bypass the File Protection Used to replace file replace, even being used of the file can also be replaced. Very invincible. For example: in C:\create a directory, c:\aaa Then copy an mp3 to c:\aaa and named to the c:\aaa\a. mp3 Then copy another...