XML External Entity (XXE)

maven-bundle-plugin is vulnerable to XML external entity XXE attacks. The external DTDs is not disabled by default, allowing an attacker to submit a malicious XML document to perform requests on behalf of the server or read system files...

Node.js third-party modules: [hangersteak] Web Server Directory Traversal via Crafted GET Request

I would like to report path traversal in hangersteak module. It allows an attacker to read system files via path traversal local/remote Module module name: hangersteak version: 0.2.4 latest npm page: https://www.npmjs.com/package/hangersteak Module Description Node web static files server with...

Node.js third-party modules: [sirloin] Web Server Directory Traversal via Crafted GET Request

I would like to report path traversal in Sirloin module. It allows an attacker to read system files via path traversal local/remote Module module name: Sirloin version: 0.15.0 latest release build npm page: https://www.npmjs.com/package/sirloin Module Description This high performance, extremely...

CVE-2019-16155

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

Privilege escalation

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

CVE-2019-16155

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

CVE-2019-16155

A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more...

Directory Traversal

oneup/uploader-bundle is vulnerable to directory traversal. A remote attacker is able to access system files outside of the root directory via the ../ characters in the POST parameters used to build a path where the chunks are stored and assembled temporarily. The vulnerability can be exploited b...

CVE-2020-3938

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests...

Cross site request forgery (csrf)

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests...

CVE-2020-3938 SysJust Syuan-Gu-Da-Shih -Request-Forgery

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests...

XML External Entity (XXE)

checkstyle is vulnerable to XML external entity attacks. The external-parameter-entities feature is not disabled by default, allowing a remote attacker to retrieve system files or perform requests on behalf of the server via a malicious XML document...

MGASA-2020-0048 Updated libqb packages fix security vulnerability

Insecure treatment of IPC temporary files which could allow a local attacker to overwrite privileged system files CVE-2019-12779...

Updated libqb packages fix security vulnerability

Insecure treatment of IPC temporary files which could allow a local attacker to overwrite privileged system files CVE-2019-12779...

Starbucks: Korea - LFI via path traversal at https://msr.istarbucks.co.kr:6443/appif/

@iampuky — thank you for reporting the original vulnerability and for confirming the resolution. While analyzing the Starbucks Korea mobile application, i noticed that it called an API at https://msr.istarbucks.co.kr:6443/appif/. It was found that the application running under that directory was...

Sandbox Restrictions Bypass

github.com/opencontainers/runc is vulnerable to sandbox restrictions bypass. An attacker who controls the container image for two containers that share a volume will be able to mount arbitrary volumes in a race condition during container initialization via a symlink that is added to the rootfs...

XML External Entity (XXE) Injection

pyamf is vulnerable to XML external entity XXE attacks. The attack exists because the XML parser does not disable the parsing of external DTDs, allowing a remote attacker to inject malicious external DTD entities via an Action Message Format AMF payload to retrieve system files or perform request...

CVE-2020-1606

CVE-2020-1606 is a path-traversal flaw in Junos OS/J-Web that allows an authenticated J-Web user to read files world-readable and delete world-writable ones. Affected Junos OS releases include 12.3 (before 12.3R12-S13), 12.3X48 (before 12.3X48-D85) on SRX, 14.1X53 (before 14.1X53-D51), 15.1F6 (be...

Microsoft Windows Denial of Service Vulnerability

A denial of service vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially...

Cisco NX-OS Software Secure Configuration Bypass (cisco-sa-20190515-nxos-conf-bypass)

According to its self-reported version, Cisco NX-OS Software is affected by a configuration bypass vulnerability due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An authenticated, local attacker can exploit this, by...