704 matches found
PT-2024-18236 · Zhongbangkeji · Crmeb
Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB version 5.2.2. Description: A problematic issue has been found in the software, affecting the openfile function of the file "/adminapi/system/file/openfile". This issue leads to absolute path traversal. The exploit has been...
Path Traversal
mapshaper is vulnerable to Path Traversal. The vulnerability is caused by not sanitizing the request URL path when a request is received. This allows an attacker to read any file in the system with the privileges of the user running the mapshaper-gui...
CVE-2024-23651
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessibl...
UFIDA Network Technology Corporation YonBIP Arbitrary File Read Vulnerability
YonBIP is a new generation of products developed by UFIDA, as the world's leading enterprise digital intelligence platform and application software. An arbitrary file read vulnerability exists in YonBIP, which can be exploited by an attacker to read the contents of system files...
CVE-2023-4553
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before 23.2...
CVE-2023-4552 Java Database Connectivity (JDBC) URL Manipulation
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2, which arises from incorrect input validation, and an externally accessible file or directory vulnerability that allows probing of system files...
OpenText AppBuilder Security Vulnerability
OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2 that originates from incorrect input validation and allows probing of system files...
Delta Electronics DOPSoft Security Vulnerability
Delta Electronics DOPSoft is a set of human-machine interface (HMI) software from Delta Electronics of Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft due to a stack-based buffer overflow when parsing the InitialMacroLen field of a DPS file...
Microsoft Win32k Elevation of Privilege Vulnerability (CNVD-2024-11165)
Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Win32k. An attacker could exploit this vulnerability to gain elevated privileges on the system...
CVE-2023-23432
Some Honor products are affected by a signature management vulnerability; successful exploitation could cause the forged system file to overwrite the correct system file...
CVE-2023-23436
Some Honor products are affected by a signature management vulnerability; successful exploitation could cause the forged system file to overwrite the correct system file...
CVE-2023-23435
Some Honor products are affected by a signature management vulnerability; successful exploitation could cause the forged system file to overwrite the correct system file...
CVE-2023-23433
Some Honor products are affected by a signature management vulnerability; successful exploitation could cause the forged system file to overwrite the correct system file...
CVE-2023-23431
Some Honor products are affected by a signature management vulnerability; successful exploitation could cause the forged system file to overwrite the correct system file...
Code injection
Some Honor products are affected by a signature management vulnerability; successful exploitation could cause the forged system file to overwrite the correct system file...