Dell Storage Manager 路径遍历漏洞

Dell Storage Manager is a centralized storage management platform from Dell that supports the configuration, monitoring and automated operation and maintenance of the full range of Dell EMC storage systems. A path traversal vulnerability exists in Dell Storage Manager, which stems from an...

NVIDIA Nemo Framework 路径遍历漏洞

NVIDIA Nemo Framework is a framework for building and deploying generative AI models from NVIDIA. A path traversal vulnerability exists in NVIDIA Nemo Framework, which stems from an improper pathname restriction that could lead to arbitrary file writes and code execution...

The vulnerability of Linksys Velop WHW01’s microprogramming software arises from incorrect pathname restrictions for access to restricted catalogs. This allows attackers to escalate their privileges.

The vulnerability of Linksys Velop WHW01 microprogrammed software lies in the incorrect limitation of the path name to the restricted access directory. Exploiting this vulnerability can allow an attacker to increase their privileges...

WordPress plugin Docxpresso 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

The vulnerability of the UnRAR decompression tool lies in its lack of name-based path limitation, which allows attackers to access confidential data.

The vulnerability of the UnRAR decompression tool is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability could allow an attacker operating remotely to gain access to confidential data...

The vulnerability of FortiWeb web applications’ network firewalls arises from incorrect pathname restrictions for access to restricted catalogs. This allows attackers to disclose protected information.

The vulnerability of FortiWeb web applications’ network firewalls exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability can allow a malicious actor to disclose protected information through specially crafted web requests...

The vulnerability of the FileUploadProcessor.stripFileName(String name) method in the Eclipse Rich Client Platform (RCP) plugin allows a attacker to execute arbitrary code.

The vulnerability of the FileUploadProcessor.stripFileNameString name method in the Eclipse Rich Client Platform plugin suite is related to deficiencies in pathname restrictions. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

The vulnerability of the declarative delivery tool for GitOps on Kubernetes Argo CD, related to deficiencies in pathname restrictions for directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of GitOps’ continuous delivery tool for Kubernetes Argo CD is related to shortcomings in pathname restrictions for directories. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the symbolic.py component in the Python library for interacting with Git repositories in GitPython allows a malicious individual to gain unauthorized access to protected information or cause service failures.

The vulnerability of the symbolic.py component in the Python library for interacting with git repositories in GitPython is related to shortcomings in pathname restrictions for directories. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected...

The vulnerability of the library for working with the DICOM format allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the library for working with the DICOM format in DCMT is related to deficiencies in pathname restrictions for accessing the catalog. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failure...

SUSE CVE-2016-1656

The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote attackers to bypass intended pathname restrictions via unspecified vectors...

The vulnerability of Juniper Networks Junos operating systems’ HTTP/HTTPS services allows attackers to execute arbitrary code.

The vulnerability of Juniper Networks Junos operating systems’ HTTP/HTTPS services exists due to incorrect pathname restrictions for access to restricted directories. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Ruby Sinatra web application development framework lies in its name-path limitation flaws, which allow attackers to access confidential data.

The vulnerability of the Ruby Sinatra web application development framework is related to shortcomings in pathname restrictions for directories. Exploiting this vulnerability allows an attacker operating remotely to gain access to confidential data...

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform from Adobe, which includes an integrated development environment and scripting language. Adobe ColdFusion is vulnerable to a path traversal vulnerability, which stems from an improper restriction of pathnames to restricted directories,...

The vulnerability of the Dpkg::Source::Archive component of the package manager Dpkg allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Dpkg::Source::Archive component of the package manager Dpkg is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of the Node.js module for processing tar archives, Node-tar, is related to vulnerabilities in the pathname limitation of the directory. This allows attackers to load arbitrary files and execute arbitrary code.

The vulnerability of the Node.js module for processing tar archives with the Node-tar module is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability could allow an attacker to load arbitrary files and execute arbitrary code...

The vulnerability of the fetch module in the Ansible configuration management system stems from deficiencies in path name restrictions, allowing attackers to access confidential data and compromise its integrity.

The vulnerability of the fetch module in the Ansible configuration system is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability could allow an attacker to access confidential data and compromise its integrity...

The vulnerability of the MultiPartParser component in the Django web application framework, related to deficiencies in pathname restrictions for directories, allows attackers to access confidential data.

The vulnerability of the MultiPartParser component in the Django web application framework is related to shortcomings in pathname restrictions for directories. Exploiting this vulnerability could allow an attacker to gain access to confidential data using files with specially created names...

The vulnerability of the TemplateDetailView function in the django/contrib/admindocs component of the Django web application’s software platform, related to vulnerabilities in pathname restrictions for directories, allows attackers to gain access to confidential data.

The vulnerability of the TemplateDetailView function in the django/contrib/admindocs component of the Django software development platform relates to shortcomings in pathname restrictions for directories. Exploiting this vulnerability could allow an attacker to gain access to confidential data...

The vulnerability of the django.utils.archive.extract method in the Django framework, related to deficiencies in pathname restrictions for directories, allows attackers to compromise data integrity.

The vulnerability of the django.utils.archive.extract method in the Django framework is related to shortcomings in pathname restrictions. Exploiting this vulnerability could allow an attacker to compromise data integrity...