2194 matches found
PT-2022-14671 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a path traversal error in the writeApplicationRestrictionsLAr function of UserManagerService.java. This error could allow an overwrite of system files,...
CVE-2022-44532
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect...
CVE-2022-38661
HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash...
Code injection
HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash...
HCL Technologies HCL Commerce 安全漏洞
HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies, USA. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Summary Unsafe extracting using shutil.unpackarchive from a remotely retrieved tarball may lead to writing the extracted file to an unintended destination. Details Extracting files using shutil.unpackarchive from a potentially malicious tarball without validating that the destination file path is...
PT-2022-27088 · Franklin Fueling Systems · Ffs Colibri
Name of the Vulnerable Software and Affected Versions: Franklin Fueling System FFS Colibri version 1.9.22.8925 Description: The issue allows an attacker to overwrite system files, such as system.conf and passwd, due to the insecure usage of the fopen system function with the mode wb, which allows...
Huawei HarmonyOS 路径遍历漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a path traversal vulnerability in the backup module. An attacker can exploit the...
NVIDIA Windows GPU Display Driver (Nov 2022)
A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that...
CVE-2022-29837
A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...
Path traversal
A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...
CVE-2022-4244
A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...
PT-2022-19867 · Western Digital · Sandisk Ibi +1
Name of the Vulnerable Software and Affected Versions: Western Digital My Cloud Home affected versions not specified Western Digital My Cloud Home Duo affected versions not specified SanDisk ibi affected versions not specified Description: A path traversal issue was addressed in the mentioned...
PT-2022-5768 · Nvidia · Nvidia Gpu Display Driver
Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows affected versions not specified Description: The issue is related to insufficient input validation in the NVIDIA GPU Display Driver, allowing an unprivileged user to access or modify system files,...
CVE-2022-29837 Path traversal Vulnerability in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi Devices
A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...
CVE-2022-43518
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise...
CVE-2022-43518
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise...
CVE-2022-42977
The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. During export, the HTTP request has a fileName parameter that accepts any file on the system e.g., an SSH private key to be downloaded...
CVE-2022-39037
Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2022-38120
UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...