CVE-2024-8058

An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading...

CVE-2024-8058

CVE-2024-8058 concerns the FileZ client and describes an improper parsing vulnerability where a crafted file in the FileZ directory can lead to reading arbitrary files on the device via URL preloading. Affected software: FileZ client. Root cause: improper parsing related to URL preloading. Impact...

CVE-2024-8058

An improper parsing vulnerability was reported in the FileZ client that could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading...

Lenovo Filez 安全漏洞

Lenovo Filez is an enterprise web drive from the Chinese company Lenovo Lenovo. A security vulnerability exists in Lenovo Filez, which stems from incorrect parsing and could allow a carefully constructed file to read arbitrary files on a device via URL preloading...

PT-2024-38779 · Unknown · Filez Client

Name of the Vulnerable Software and Affected Versions: FileZ client affected versions not specified Description: An improper parsing issue in the FileZ client could allow a crafted file in the FileZ directory to read arbitrary files on the device due to URL preloading. This issue might permit...

CVE-2024-37127

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege...

CVE-2024-37142

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege...

CVE-2024-20359

A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to execute arbitrary code...

CVE-2024-20359

CVE-2024-20359 affects Cisco ASA and Cisco FTD. A legacy capability flaw allows an authenticated local attacker to exploit improper validation of a file read from flash memory by copying a crafted file to disk0:, enabling arbitrary code execution with root privileges after the next device reload....

PT-2024-5604 · Dell · Dell Peripheral Manager

Name of the Vulnerable Software and Affected Versions: Dell Peripheral Manager versions prior to 1.7.6 Description: The issue is related to an uncontrolled search path element in the software. This could allow an attacker to potentially exploit the vulnerability through preloading malicious DLL o...

kernel: cgroup: Use separate src/dst nodes when preloading css_sets for migration

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

kernel: cgroup: Use separate src/dst nodes when preloading css_sets for migration

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

SUSE CVE-2010-0168

The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloading implementation in Mozilla Firefox 3.6 before 3.6.2 does not apply scheme restrictions and policy restrictions to the image's URL, which might allow remote attackers to cause a denial of service...

CVE-2019-19705

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 and on many other Lenovo and non-Lenovo products, mishandles DLL preloading...

CVE-2019-19705

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 and on many other Lenovo and non-Lenovo products, mishandles DLL preloading...

Design/Logic Flaw

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 and on many other Lenovo and non-Lenovo products, mishandles DLL preloading...

CVE-2019-19705

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 and on many other Lenovo and non-Lenovo products, mishandles DLL preloading...

CVE-2019-19705

Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 and on many other Lenovo and non-Lenovo products, mishandles DLL preloading...

CVE-2019-19705

Realtek Audio Drivers for Windows (used on Lenovo ThinkPad X1 Carbon models 20A7/20A8/20BS/20BT and other Lenovo/non-Lenovo devices) are affected by DLL preloading mishandling. The issue is fixed in Realtek driver versions 6.0.8882.1 or later (for the 6.0.8882.1 branch) and 6.0.8907.1 or later (f...

Security Bulletin: Multiple security vulnerabilities in the IBM InfoSphere Information Server Suite.

Abstract Security Bulletin: Multiple security vulnerabilities in the IBM InfoSphere Information Server Suite. Content SUMMARY: Security vulnerabilities exist in various versions of IBM Information Server or constituent products. Note: The same fix may be listed under multiple vulnerabilities...