7 matches found
CVE-2023-53954
ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...
CVE-2025-31499
Jellyfin is an open source self hosted media server. Versions before 10.10.7 are vulnerable to argument injection in FFmpeg. This can be leveraged to possibly achieve remote code execution by anyone with credentials to a low-privileged user. This vulnerability was previously reported in...
Jellyfin 参数注入漏洞
Jellyfin is a free software media system from Jellyfin Open Source. It allows you to control the management and streaming of media. It is an alternative to the proprietary Emby and Plex and can serve media from a dedicated server to end-user devices through multiple applications. A parameter...
UBUNTU-CVE-2023-41324
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. An API user that have read access on users resource can steal accounts of other users. Users are advised t...
PT-2023-6824 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.10 Description: The issue is related to inadequate access control in the GLPI system, which provides ITIL Service Desk features, licenses tracking, and software auditing. A user with write access to another user's...
DEBIAN-CVE-2017-18869
A TOCTOU issue in the chownr package before 1.1.0 for Node.js 10.10 could allow a local attacker to trick it into descending into unintended directories via symlink attacks...
Vulnerability in Apple OS X Telephony component
Apple OS X is a specialized operating system developed by Apple for Mac computers.Telephony is one of the components that provides telephony functionality. A security vulnerability exists in the Telephony component of Apple OS X 10.10.5 and prior versions. A local attacker can exploit this...