32 matches found
Directory Traversal
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
EUVD-2026-11070
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a security feature bypass. A high-privileged attacker could...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via improper normalization of URL paths in the rules. An attacker can gain unauthorized access to restricted files and perform unauthorized modifications by crafting requests with multiple leading slashes in the...
CVE-2020-10006
This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to access restricted files...
EUVD-2021-23310
Malware in sbrugna...
EUVD-2021-17699
Malware in sbrugna...
EUVD-2021-17772
Malware in sbrugna...
CVE-2023-40299
Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLDINSERTLIBRARIES environment variable...
CVE-2022-26728
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files...
Incorrect Authorization
Overview org.webjars.npm:vite is a Native-ESM powered web dev build tool Affected versions of this package are vulnerable to Incorrect Authorization via the bypass of the server.fs.deny restriction. An attacker can access restricted files by appending ?.svg with ?.wasm?init or with sec-fetch-dest...
Directory Traversal
Gradio is vulnerable to a Directory Traversal. The vulnerability is due to improper path validation in the isinorequal function, which can be bypassed using .. parent directory sequences, allowing attackers to potentially access restricted files...
CVE-2023-40299
Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLDINSERTLIBRARIES environment variable...
CVE-2023-26818
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLDINSERTLIBRARIES flag...
CVE-2023-26818
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLDINSERTLIBRARIES flag...
Telegram 安全漏洞
Telegram is an instant messaging mobile application. A security vulnerability exists in Telegram versions 9.3.1, 9.4.0, which stems from a problem with the DYLDINSERTLIBRARIES flag, which can be exploited by an attacker to gain access to restricted files, microphones, or video recordings...
CVE-2023-26818
Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLDINSERTLIBRARIES flag...
Theonedev Onedev 路径遍历漏洞
Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev A path traversal...
CVE-2022-26728
This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files...
Directory Traversal
github.com/flipped-aurora/gin-vue-admin is vulnerable to directory traversal. The vulnerability exists due to a lack of sanitization of FileName allowing an attacker to gain access to restricted files...
PortlandLabs Concrete CMS 安全漏洞
PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. PortlandLabs Concrete CMS has a security vulnerability that could be exploited by attackers to access restricted files...