92 matches found
GHSA-VG76-XMHG-J5X3 Incus vulnerable to denial of source through crafted bucket backup file
Summary A specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a denial of service of the control plane API. This does not impact any runnin...
PT-2026-28522
Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus, a system container and virtual machine manager, contains a flaw where a specially crafted storage bucket backup can be used by a user with access to the storage bucket feature to crash the Incu...
EUVD-2007-2651
Malware in sbrugna...
EUVD-2005-2998
Malware in sbrugna...
EUVD-2006-4736
Malware in sbrugna...
EUVD-2002-0966
Malware in sbrugna...
EUVD-2005-3000
Malware in sbrugna...
EUVD-2006-4582
Malware in sbrugna...
EUVD-2002-0967
Malware in sbrugna...
EUVD-2005-2997
Malware in sbrugna...
CVE-2005-2997
Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in 1 the currentdir parameter to txt.php, or the currentdir parameter to 2 htm.php or 3 html.php...
CVE-2005-3000
Multiple cross-site scripting XSS vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the 1 font, 2 normalfontcolor, or 3 mess31 parameters...
CVE-2005-2999
PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php...
SUSE CVE-2007-2809
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274...
Malicious code in yandex-yt-transfer-manager-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5e8ad10f31088a063adf3ff93799c1850d56418c603e0af2e811977873b7ae6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-994 Malicious code in yandex-yt-transfer-manager-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5e8ad10f31088a063adf3ff93799c1850d56418c603e0af2e811977873b7ae6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview yandex-yt-transfer-manager-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable...
GHSA-C28R-HW5M-5GV3 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3
Overview A partial-path traversal issue exists within the downloadDirectory method in the AWS S3 TransferManager component of the AWS SDK for Java v1. Applications using the SDK control the destinationDirectory argument, but S3 object keys are determined by the application that uploaded the...
PT-2022-20574 · Amazon +1 · Aws Sdk For Java +1
Name of the Vulnerable Software and Affected Versions: AWS SDK for Java versions prior to 1.12.261 Description: A partial-path traversal issue exists within the downloadDirectory method in the AWS S3 TransferManager component of the AWS SDK for Java. This issue allows a knowledgeable actor to...
Amazon AWS SDK for Java 路径遍历漏洞
Amazon AWS SDK for Java is a software development kit for Amazon Web Services AWS for the Java platform from Amazon.com, Inc. A path traversal vulnerability exists in AWS SDK for Java v1 prior to version 1.12.261, which stems from the fact that AWS SDK for Java enables Java developers to work wit...