2184 matches found
Systemic RiskValue Security Vulnerability
Systemic RiskValue is a tool or framework for assessing the value of financial systemic risk from Systemic, Inc. It is used to measure and analyze the potential losses that could result from financial systemic risk. A security vulnerability exists in Systemic RiskValue 2.8.0 and earlier versions,...
CVE-2024-54525
A logic issue was addressed with improved file handling. This issue is fixed in visionOS 2.2, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2024-54525
A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Restoring a maliciously crafted backup file may lead to modification of protected system files...
Apple iOS and Apple iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS that stems from file handling improvements and could result ...
CVE-2025-27397
Siemens SCALANCE LPE9403 (6GK5998-3GS00-2AC2) is affected by CVE-2025-27397. All versions below V4.0 fail to properly restrict user-controlled log paths, enabling an authenticated, highly-privileged attacker to read and write arbitrary files if the path ends with 'log'. Connected sources confirm ...
CVE-2025-25266
CVE-2025-25266 affects Siemens Tecnomatix Plant Simulation V2302 (< V2302.0021) and V2404 (
CVE-2025-20119
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...
CVE-2025-20119 Cisco Application Policy Infrastructure Controller Authenticated Local Denial of Service Vulnerability
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...
Cisco APIC Race Condition Vulnerability
Cisco APIC is software from Cisco USA for automation and management of the Cisco ACI switching matrix. It allows for policy enforcement, health monitoring, network configuration, and more. A security vulnerability exists in Cisco APIC that stems from a race condition in the handling of...
CVE-2025-27142 LocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commands
LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...
CVE-2025-25284 Path Traversal and Local File Read via VRT (Virtual Format) in ZOO-Project WPS Implementation
The ZOO-Project is an open source processing platform, released under MIT/X11 Licence. A vulnerability in ZOO-Project's WPS Web Processing Service implementation allows unauthorized access to files outside the intended directory through path traversal. Specifically, the GdalTranslate service, whe...
FreeBSD Information Disclosure Vulnerability (CNVD-2025-09230)
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. FreeBSD suffers from an information disclosure vulnerability that is caused by a failure to properly assign privileges. An attacker could exploit this vulnerability to access system files...
CVE-2024-34521
A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R10240, which allows an administrative user to access system files with the file permissions of the privileged system user running the application...
A vulnerability in the iPadOS and iOS operating systems lies in the improper handling of links before accessing files. This allows attackers to gain read and write access to system files.
The vulnerability in the iPadOS and iOS operating systems is related to incorrect resolution of a link before accessing a file. Exploiting this vulnerability can allow a remote attacker to gain read and write access to system files...
SAP Supplier Relationship Management Path Traversal Vulnerability
SAP Supplier Relationship Management is a leading procurement supply chain management software designed to help companies optimize supplier relationships and improve procurement efficiency and quality. SAP Supplier Relationship Management suffers from a path traversal vulnerability that can be...
DELL PowerProtect DD Path Traversal Vulnerability
DELL PowerProtect DD is a family of data protection storage appliances from Dell, built on the Data Domain platform and designed for enterprise-level users. The DELL PowerProtect DD suffers from a path traversal vulnerability that can be exploited by an attacker to illegally overwrite operating...
Humming Heads Defense Platform Security Vulnerability
Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and prior versions that originated from a vulnerability that allows an attacker to send a specially crafted message to modify syste...