Lucene search
K

2194 matches found

Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.9 views

PT-2022-14671 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a path traversal error in the writeApplicationRestrictionsLAr function of UserManagerService.java. This error could allow an overwrite of system files,...

4.4CVSS4.4AI score0.00146EPSS
Exploits0References2
NVD
NVD
added 2022/12/12 1:15 p.m.21 views

CVE-2022-44532

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect...

6.5CVSS0.00703EPSS
Exploits0References1
OSV
OSV
added 2022/12/12 1:15 p.m.3 views

CVE-2022-38661

HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash...

7.1CVSS5.8AI score0.00177EPSS
Exploits0References1
Prion
Prion
added 2022/12/12 1:15 p.m.14 views

Code injection

HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash...

3.2CVSS6.7AI score0.00177EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.3 views

HCL Technologies HCL Commerce 安全漏洞

HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies, USA. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...

7.1CVSS7.1AI score0.00177EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/12/05 11:34 p.m.37 views

GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package

Summary Unsafe extracting using shutil.unpackarchive from a remotely retrieved tarball may lead to writing the extracted file to an unintended destination. Details Extracting files using shutil.unpackarchive from a potentially malicious tarball without validating that the destination file path is...

6.5CVSS0.6AI score0.00704EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/05 12:0 a.m.4 views

PT-2022-27088 · Franklin Fueling Systems · Ffs Colibri

Name of the Vulnerable Software and Affected Versions: Franklin Fueling System FFS Colibri version 1.9.22.8925 Description: The issue allows an attacker to overwrite system files, such as system.conf and passwd, due to the insecure usage of the fopen system function with the mode wb, which allows...

9.8CVSS9.4AI score0.00997EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/12/05 12:0 a.m.3 views

Huawei HarmonyOS 路径遍历漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a path traversal vulnerability in the backup module. An attacker can exploit the...

7.5CVSS7.4AI score0.00506EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/12/02 12:0 a.m.81 views

NVIDIA Windows GPU Display Driver (Nov 2022)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities, including the following: - NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can access or modify system files or other files that...

8.8CVSS6.5AI score0.01387EPSS
Exploits0References8
NVD
NVD
added 2022/12/01 5:15 p.m.30 views

CVE-2022-29837

A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...

7.8CVSS0.0019EPSS
Exploits0References1
Prion
Prion
added 2022/12/01 5:15 p.m.16 views

Path traversal

A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...

4.3CVSS7.7AI score0.0019EPSS
Exploits0References1Affected Software3
RedhatCVE
RedhatCVE
added 2022/12/01 6:56 a.m.44 views

CVE-2022-4244

A flaw was found in codeplex-codehaus. A directory traversal attack also known as path traversal aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash ../" sequences and their variations or by using absolute file paths, it may be possib...

7.5CVSS8AI score0.01347EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/01 12:0 a.m.6 views

PT-2022-19867 · Western Digital · Sandisk Ibi +1

Name of the Vulnerable Software and Affected Versions: Western Digital My Cloud Home affected versions not specified Western Digital My Cloud Home Duo affected versions not specified SanDisk ibi affected versions not specified Description: A path traversal issue was addressed in the mentioned...

7.8CVSS7.6AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/01 12:0 a.m.3 views

PT-2022-5768 · Nvidia · Nvidia Gpu Display Driver

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Windows affected versions not specified Description: The issue is related to insufficient input validation in the NVIDIA GPU Display Driver, allowing an unprivileged user to access or modify system files,...

8.8CVSS7.7AI score0.00277EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/12/01 12:0 a.m.35 views

CVE-2022-29837 Path traversal Vulnerability in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi Devices

A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...

4.7CVSS7.9AI score0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/30 7:26 p.m.10 views

CVE-2022-43518

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise...

4.9CVSS6.7AI score0.00703EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/30 7:26 p.m.25 views

CVE-2022-43518

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise...

4.9CVSS6.5AI score0.00703EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/15 12:0 a.m.43 views

CVE-2022-42977

The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to generate a list of users in the application, and export it. During export, the HTTP request has a fileName parameter that accepts any file on the system e.g., an SSH private key to be downloaded...

7.7AI score0.00956EPSS
Exploits1References1
NVD
NVD
added 2022/11/10 3:15 p.m.13 views

CVE-2022-39037

Agentflow BPM file download function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...

7.5CVSS0.01224EPSS
Exploits0References2
NVD
NVD
added 2022/11/10 3:15 p.m.12 views

CVE-2022-38120

UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...

6.5CVSS0.05575EPSS
Exploits1References1
Rows per page
Query Builder