
102 matches found

OSV
added 2024/12/09 4:15 a.m. · 3 views

CVE-2024-53279

Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in file station functionality in Synology Router Manager SRM before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensiti...

CVSS 5.9 · AI score 5.9 · EPSS 0.00255
Exploits 0 · References 1

CVE
added 2024/11/12 3:45 p.m. · 54 views

CVE-2024-43415

CVE-2024-43415 — A SQL injection in the decidim_awesome-module (papertrail/version-model) allows an authenticated admin to manipulate SQL queries in vulnerable versions (0.9.0–0.11.1). This can lead to information disclosure, filesystem read/write, or remote code execution. Root cause: improper n...

CVSS 9 · AI score 9.3 · EPSS 0.0066
Exploits 0 · References 3

Positive Technologies
added 2024/06/27 12:0 a.m. · 8 views

PT-2024-26870 · Kalkitech · Kalkitech Ase Ase61850 Iedsmart

Name of the Vulnerable Software and Affected Versions: Kalkitech ASE ASE61850 IEDSmart versions 2.3.5 and earlier

Description: The issue allows attackers to read and write arbitrary files via the IEC61850 File Transfer protocol. This is a result of a Directory Traversal vulnerability...

CVSS 9.4 · AI score 7.2 · EPSS 0.00742
Exploits 0 · References 3

BDU FSTEC
added 2024/05/20 12:0 a.m. · 3 views

A vulnerability in the Telit Cinterion modem firmware, related to relative path traversal, allows an intruder to read and write arbitrary files on the system.

The vulnerability in the Telit Cinterion modem firmware relates to the exploitation of a relative path. Exploiting this vulnerability can allow an attacker to gain access to read and write arbitrary system files...

CVSS 4.4 · AI score 7.5 · EPSS 0.00236
Exploits 0 · References 3

OSV
added 2024/05/16 2:15 p.m. · 6 views

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

CVSS 7.8 · AI score 6 · EPSS 0.00342
Exploits 0 · References 2

OSV
added 2024/01/16 1:15 a.m. · 5 views

CVE-2023-6457

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows Hitachi Tuning Manager server component allows local users to read and write specific files. This issue affects Hitachi Tuning Manager: before 8.8.5-04...

CVSS 7.1 · AI score 5.8 · EPSS 0.00141
Exploits 0 · References 1

CNNVD
added 2024/01/16 12:0 a.m. · 4 views

Hitachi Tuning Manager Security Vulnerability

Hitachi Tuning Manager is a performance tuning and monitoring tool provided by Hitachi, Japan. A security vulnerability exists in Hitachi Tuning Manager versions prior to 8.8.5-04, which stems from incorrect default permissions that allow local users to read and write specific files...

CVSS 7.1 · AI score 6.4 · EPSS 0.00141
Exploits 0 · References 3

OSV
added 2023/12/14 4:15 p.m. · 2 views

CVE-2023-44278

Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain unauthorized read and write access to the OS files stored on the server...

CVSS 6.7 · AI score 5.8
Exploits 0 · References 1

CNNVD
added 2023/11/09 12:0 a.m. · 4 views

Telit Cinterion BGS5 Security Vulnerability

Telit Cinterion BGS5 is a mobile communication module from Telit Communications. A security vulnerability exists in the Telit Cinterion BGS5 that stems from a relative path traversal vulnerability that could allow a local, low-privilege attacker to gain read/write access to protected files ...

CVSS 7.1 · AI score 6.9 · EPSS 0.00236
Exploits 0 · References 2

CNNVD
added 2023/11/09 12:0 a.m. · 5 views

Telit Cinterion BGS5 Security Vulnerability

Telit Cinterion BGS5 is a mobile communication module from Telit Communications. A security vulnerability exists in Telit Cinterion that originates from allowing an attacker with physical access privileges to gain read and write access to any file and directory on the target system. Affecte...

CVSS 6.8 · AI score 6.7 · EPSS 0.00343
Exploits 0 · References 2

OSV
added 2023/06/23 6:15 a.m. · 4 views

CVE-2023-35801

A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...

CVSS 8.1 · AI score 5.9 · EPSS 0.01464
Exploits 0 · References 3

OSV
added 2023/06/13 7:15 a.m. · 6 views

CVE-2023-0142

Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager DSM before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors...

CVSS 8.1 · AI score 7.4 · EPSS 0.0097
Exploits 0 · References 2

CNNVD
added 2023/03/21 12:0 a.m. · 4 views

InsightCloudSec Security Vulnerability

InsightCloudSec is a fully integrated cloud-native security platform from InsightCloudSec, Inc. A security vulnerability exists in versions of InsightCloudSec prior to 23.3.21, which originates from an attacker being able to read and write arbitrary files from disk using an exposed "box" object...

CVSS 8.1 · AI score 7.9 · EPSS 0.00777
Exploits 1 · References 3

OSV
added 2023/02/28 3:15 a.m. · 4 views

CVE-2022-3884

Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows Hitachi Ops Center Analyzer RAID Agent component allows local users to read and write specific files. This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01...

CVSS 7.1 · AI score 5.8 · EPSS 0.00154
Exploits 0 · References 1

CNNVD
added 2023/02/28 12:0 a.m. · 4 views

Hitachi Ops Center Analyzer Security Vulnerability

Hitachi Ops Center Analyzer is a data center management software from Hitachi, Japan. It monitors, reports, and correlates end-to-end performance from servers to storage. A security vulnerability exists in Hitachi Ops Center Analyzer version 10.9.0-00 through versions prior to 10.9.0-01 that stem...

CVSS 7.3 · AI score 7.4 · EPSS 0.00154
Exploits 0 · References 2

SUSE CVE
added 2023/02/15 6:20 a.m. · 6 views

SUSE CVE-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...

CVSS 6.4 · AI score 6.9 · EPSS 0.02317
Exploits 0 · References 3

OSV
added 2023/01/17 2:15 a.m. · 3 views

CVE-2020-36611

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components allows local users to read and write specific...

CVSS 7.1 · AI score 5.8 · EPSS 0.0015
Exploits 0 · References 1

CNNVD
added 2022/11/01 12:0 a.m. · 4 views

Security Vulnerability in Multiple Hitachi Products

Hitachi Ops Center Analyzer and Hitachi Infrastructure Analytics Advisor are both products of Hitachi, Japan. Hitachi Ops Center Analyzer is a data center management software. It monitors, reports, and correlates end-to-end performance from servers to storage. Hitachi Infrastructure Analytics Advis...

CVSS 6.6 · AI score 5.1 · EPSS 0.00148
Exploits 0 · References 3

CNNVD
added 2022/10/19 12:0 a.m. · 3 views

Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Path Traversal Vulnerability

Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the U.S. company Cisco. Cisco RoomOS Software is a set of automatic management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisc...

CVSS 6.7 · AI score 6.8 · EPSS 0.00452
Exploits 0 · References 3

CNNVD
added 2022/10/19 12:0 a.m. · 4 views

Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Path Traversal Vulnerability

Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the U.S. company Cisco. Cisco RoomOS Software is a set of automatic management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisc...

CVSS 7.2 · AI score 7.2 · EPSS 0.0066
Exploits 0 · References 3