323 matches found
cmft Denial of Service Vulnerability
cmft is a set of cross-platform for filtering stereo mapping open source command line tools . A security vulnerability exists in the 'cmft::rwReadFile' function in the image.cpp file in cmft 2017-09-24 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of...
Design/Logic Flaw
GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimpwriteandreadfile function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was...
CVE-2018-3731
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path...
Linux/x86-64 - Read /etc/passwd Shellcode (82 bytes)
BITS 64 ; Author Mr.Un1k0d3r - RingZer0 Team ; Read /etc/passwd Linux x8664 Shellcode ; Shellcode size 82 bytes global start section .text start: jmp pushfilename readfile: ; syscall open file pop rdi ; pop path value ; NULL byte fix xor byte rdi + 11, 0x41 xor rax, rax add al, 2 xor rsi, rsi ; s...
The vulnerability of the CInArchive::ReadFileItem method (Archive/Udf/UdfIn.cpp) in the p7zip archive tool allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the CInArchive::ReadFileItem method Archive/Udf/UdfIn.cpp in the p7zip archive tool is caused by the occurrence of read operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary...
CVE-2017-1681
IBM WebSphere Application Server IBM Liberty for Java for Bluemix 3.15 could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. IBM X-Force ID: 134003...
SAP Point of Sale Xpress Server Authentication Bypass Vulnerability
SAP Point of Sale POS is the German SAP SAP company's set of sales management system. Xpress Server is one of the Xpress server. A security vulnerability exists in the Xpress Server in SAP POS, which stems from the program's failure to require authentication. An attacker could use this...
CVE-2017-6531
On Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgwv1.02.0014 4.20, the backup/restore feature lacks access control, related to ReadFile.cgi and LoadCfgFile...
PHPMailer local file read Vulnerability (CVE-2017-5223)
Details source: http://www.freebuf.com/vuls/124820.html Author: Yxlink Affected versions: PHPMailer = 5.2.21 Vulnerability level: High-risk Vulnerability details: Vulnerability file function: class.phpmailer.php the encodeFile function. The function receives a $path variable, and finally the $pat...
SAP NetWeaver AS JAVA - BC-BMT-BPM-DSK XML External Entity Injection
SAP NetWeaver AS JAVA - BC-BMT-BPM-DSK XML External Entity Injection Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909...
SAP NetWeaver AS JAVA 7.4 XXE Injection
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: http://SAP.com Bug: XXE Sent: 09.03.2016 Reported: 10.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909 Author: Vahagn Vardanyan ERPScan Descripti...
SAP NetWeaver AS ABAP 7.4 Directory Traversal Vulnerability
SAP NetWeaver AS ABAP version 7.4 suffers from a directory traversal vulnerability. Application: SAP NetWeaver AS ABAP Versions Affected: SAP NetWeaver AS ABAP 7.4 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 22.04.2016 Reported: 23.04.2016 Vendor response: 23.04.2016 Date of Public...
SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component (CVE-2016-9563)
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XXE...
paps 'read_file()' heap buffer overflow vulnerability
paps is a converter from UTF-8 to PostScript language using Pango, an open source library for high quality rendering of internationalized text. A heap buffer overflow vulnerability exists in paps. An attacker could exploit this vulnerability to execute arbitrary code, which could also result in a...
SAP NetWeaver Java 7.5 XXE
Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 10.01.2017 Reference: SAP Security Note 2347439 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE Impact: Denial of...
SAP Netweaver AS Java - XXE vulnerability in Visual Composer VC70RUNTIME
Application: SAP NetWeaver Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 17.06.2016 Vendor response: 18.06.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2386873 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: XXE Impact:...
UBUNTU-CVE-2016-2335
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service out-of-bounds read or execute arbitrary code via the PartitionRef field in the Long Allocation Descriptor in a UDF file...
SAP xMII 15.0 - Directory Traversal
SAP xMII 15.0 - Directory Traversal Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 29.07.2015 Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry...
Adcon Telemetry A840 Telemetry Gateway Hardcoded Certificate Vulnerability
The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. The Adcon Telemetry A840 Telemetry Gateway uses hard-coded certificates, which allows remote attackers to exploit the vulnerability to change the device configuration and read or write...
AstroCMS Multiple Vulnerabilities
No description provided by source. Exploit Title: AstroCMS Multiple Remote Vulnerabilities Google Dork: none Date: 12.03.2011 Author: brainpillow Software Link: http://www.astrocms.com/ Version: UNKNOWN ============================================================ FORGOTPASSWORD SQL-INJ EXPLOIT:...