102 matches found
CVE-2024-53279
Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in file station functionality in Synology Router Manager SRM before 1.3.1-9346-10 allows remote authenticated users with administrator privileges to read or write specific files containing non-sensiti...
CVE-2024-43415
CVE-2024-43415 — A SQL injection in the decidim_awesome-module (papertrail/version-model) allows an authenticated admin to manipulate SQL queries in vulnerable versions (0.9.0–0.11.1). This can lead to information disclosure, filesystem read/write, or remote code execution. Root cause: improper n...
PT-2024-26870 · Kalkitech · Kalkitech Ase Ase61850 Iedsmart
Name of the Vulnerable Software and Affected Versions: Kalkitech ASE ASE61850 IEDSmart versions 2.3.5 and earlier Description: The issue allows attackers to read and write arbitrary files via the IEC61850 File Transfer protocol. This is a result of a Directory Traversal vulnerability...
The vulnerability of Telit Cinterion modem’s microprogramming software, related to bypassing the relative path, allows a intruder to gain access to read and write any arbitrary files on the system.
The vulnerability of Telit Cinterion modem’s microprogramming software relates to the exploitation of a relative path. Exploiting this vulnerability can allow an attacker to gain access to read and write arbitrary system files...
CVE-2024-20326
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...
CVE-2023-6457
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows Hitachi Tuning Manager server component allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-04...
Hitachi Tuning Manager Security Vulnerability
Hitachi Tuning Manager is a performance tuning and monitoring tool provided by Hitachi, Japan. A security vulnerability exists in Hitachi Tuning Manager versions prior to 8.8.5-04, which stems from incorrect default permissions that allow local users to read and write specific files...
CVE-2023-44278
Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain a path traversal vulnerability. A local high privileged attacker could potentially exploit this vulnerability, to gain unauthorized read and write access to the OS files stored on the server...
Telit Cinterion BGS5 Security Vulnerability
Telit Cinterion BGS5 is a mobile communication module from Telit Communications Telit. A security vulnerability exists in the Telit Cinterion BGS5 that stems from a relative path traversal vulnerability that could allow a local, low-privilege attacker to gain read/write access to protected files ...
Telit Cinterion BGS5 Security Vulnerability
Telit Cinterion BGS5 is a mobile communication module from Telit Communications Telit. A security vulnerability exists in Telit Cinterion that originates from allowing an attacker with physical access privileges to gain read and write access to any file and directory on the target system. Affecte...
CVE-2023-35801
A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have acce...
CVE-2023-0142
Uncontrolled search path element vulnerability in Backup Management functionality in Synology DiskStation Manager DSM before 6.2.4-25556-8, 7.0.1-42218-7 and 7.1-42661 allows remote authenticated users with administrator privileges to read or write arbitrary files via unspecified vectors...
InsightCloudSec 安全漏洞
InsightCloudSec is a fully integrated cloud-native security platform from InsightCloudSec, Inc. A security vulnerability exists in versions of InsightCloudSec prior to 23.3.21, which originates from an attacker being able to read and write arbitrary files from disk using an exposed "box" object...
CVE-2022-3884
Incorrect Default Permissions vulnerability in Hitachi Ops Center Analyzer on Windows Hitachi Ops Center Analyzer RAID Agent component allows local users to read and write specific files.This issue affects Hitachi Ops Center Analyzer: from 10.9.0-00 before 10.9.0-01...
Hitachi Ops Center Analyzer 安全漏洞
Hitachi Ops Center Analyzer is a data center management software from Hitachi, Japan. It monitors, reports, and correlates end-to-end performance from servers to storage. A security vulnerability exists in Hitachi Ops Center Analyzer version 10.9.0-00 through versions prior to 10.9.0-01 that stem...
SUSE CVE-2004-0792
Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files...
CVE-2020-36611
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components allows local users to read and write specific...
多款Hitachi产品安全漏洞
Hitachi Ops Center Analyzer and Hitachi Infrastructure Analytics Advisor are both products of Hitachi, Japan.Hitachi Ops Center Analyzer is a data center management software. It monitors, reports, and correlates end-to-end performance from servers to storage.Hitachi Infrastructure Analytics Advis...
Cisco TelePresence Collaboration Endpoint Software和RoomOS Software 路径遍历漏洞
Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the U.S. company Cisco Cisco.Cisco RoomOS Software is a set of automatic management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisc...
Cisco TelePresence Collaboration Endpoint Software和RoomOS Software 路径遍历漏洞
Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the U.S. company Cisco Cisco.Cisco RoomOS Software is a set of automatic management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisc...