231 matches found
PT-2022-27340 · Unknown · Bspkrs Mcpmappingviewer
Name of the Vulnerable Software and Affected Versions: bspkrs MCPMappingViewer (affected versions not specified). Description: A critical issue has been found in the extractZip function of the RemoteZipHandler.java file, part of the ZIP File Handler component. This issue leads to path traversal and...
CVE-2022-4065
A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...
Mozilla Thunderbird < 102.1
The version of Thunderbird installed on the remote Windows host is prior to 102.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-32 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102. Some of...
CVE-2022-36314
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that leads to unexpected network requests from the operating system...
Security Vulnerabilities fixed in Firefox ESR 102.1 — Mozilla
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. When visiting directory listings for chrome:// URLs as source text, some parameters were reflected. When opening a Windows shortcut from the local filesystem, an...
The management interface of the Fortinet FortiDeceptor is vulnerable, allowing attackers to gain read, modify, or delete access to data. This vulnerability enables attackers to manipulate security measures in response to external and internal security threats.
The vulnerability in the management interface of Fortinet's FortiDeceptor, a product for detecting and responding to external and internal security threats, involves errors in processing a relative path to a directory. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain read...
CVE-2021-37729
A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.3, 8.6.0.9, 8.5.0.12, 8.3.0.16, 6.5.4.19, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and...
CVE-2021-37733
A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address...
CVE-2021-37728
A remote path traversal vulnerability was discovered in Aruba Operating System Software versions: Prior to 8.8.0.1, 8.7.1.4, 8.6.0.11, 8.5.0.13. Aruba has released patches for ArubaOS that address this security vulnerability...
Path traversal
A remote path traversal vulnerability was discovered in Aruba Operating System Software versions: Prior to 8.8.0.1, 8.7.1.4, 8.6.0.11, 8.5.0.13. Aruba has released patches for ArubaOS that address this security vulnerability...
Path traversal
A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versions: Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address...
CVE-2021-37733
CVE-2021-37733 is a remote path traversal vulnerability in Aruba SD-WAN Software and Gateways and ArubaOS. Affected products include Aruba SD-WAN Software and Gateways and ArubaOS; vulnerable if running version(s) prior to 8.6.0.4-2.2.0.4, and prior to 8.7.1.1, 8.6.0.7, 8.5.0.11, or 8.3.0.16. The...
Mssqlproxy - A Toolkit Aimed To Perform Lateral Movement In Restricted Environments Through A Compromised Microsoft SQL Server Via Socket Reuse
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. Please read this article carefully before continuing. It consists of three part...
CVE-2018-12990
phpwcms 1.8.9 allows remote attackers to discover the installation path via an invalid csrftokenvalue field...
CVE-2018-12632
The CVE affects Redatam7 (formerly Redatam WebServer). Affected component: the rpwebutilities.exe/text endpoint, where an invalid LFN parameter enables remote attackers to discover the installation path, indicating a path-disclosure/directory-traversal type exposure. No exploit details or remedia...