2184 matches found
CVE-2020-36938
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...
CVE-2020-36938 WinAVR Version 20100110 - Insecure Folder Permissions
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...
CVE-2020-36938
Technical details (affected components, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from NVD and linked advisories to obtain concrete information.
CVE-2020-36938
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...
EUVD-2020-30856
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...
PT-2026-4920
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...
WinAVR security vulnerability
WinAVR is an open-source microcontroller development toolkit developed by WinAVR. Version WinAVR 20100110 has a security vulnerability, which stems from improper permission settings. This vulnerability may lead to the modification of system files and executable files...
HPE Aruba Networking Fabric Composer security vulnerabilities
HPE Aruba Networking Fabric Composer is a network orchestration software developed by the American company HPE. HPE Aruba Networking Fabric Composer has a security vulnerability, which stems from defects in its web-based management interface. This vulnerability could allow unauthenticated remote...
Hibernate vulnerable to SQL Injection
A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in the ID column when the InlineIdsOrClauseBuilder is used. This could lead to sensitive informatio...
CVE-2026-1330
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
CVE-2026-1330 HAMASTAR Technology|MeetingHub - Arbitrary File Read
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files...
PT-2026-3921
Name of the Vulnerable Software and Affected Versions MeetingHub affected versions not specified Description MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read issue. Unauthenticated remote attackers can exploit Absolute Path Traversal to download arbitrary system files. The...
CVE-2021-47850
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
CVE-2021-47850
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
CVE-2021-47850
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
CVE-2021-47850 Mini Mouse 9.2.0 - Path Traversal
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
CVE-2021-47850 Mini Mouse 9.2.0 - Path Traversal
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
EUVD-2026-3610
Mini Mouse 9.2.0 contains a path traversal vulnerability that allows remote attackers to access arbitrary system files and directories through crafted HTTP requests. Attackers can retrieve sensitive files like win.ini and list contents of system directories such as C:\Users\Public by manipulating...
Yodinfo Mini Mouse path traversal vulnerability
Yodinfo Mini Mouse is a mobile remote control application developed by Yodinfo in China. The version 9.2.0 of Yodinfo Mini Mouse contains a path traversal vulnerability. This vulnerability arises due to specially crafted HTTP requests that allow for path traversal, potentially leading to access t...
CVE-2025-29847
A vulnerability in Apache Linkis. Problem Description When using the JDBC engine and da When using the JDBC engine and data source functionality, if the URL parameter configured on the frontend has undergone multiple rounds of URL encoding, it may bypass the system's checks. This bypass can trigg...