12 matches found
simple-git Affected by Command Execution via Option-Parsing Bypass
Summary simple-git enables running native Git commands from JavaScript. Some commands accept options that allow executing another command; because this is very dangerous, execution is denied unless the user explicitly allows it. This vulnerability allows a malicious actor who can control the...
GHSA-JCXM-M3JX-F287 simple-git Affected by Command Execution via Option-Parsing Bypass
Summary simple-git enables running native Git commands from JavaScript. Some commands accept options that allow executing another command; because this is very dangerous, execution is denied unless the user explicitly allows it. This vulnerability allows a malicious actor who can control the...
Aim Path Traversal Vulnerability
Aim is an easy-to-use and high-performance open source experiment tracker from Aim Open Source USA. A path traversal vulnerability exists in AIM version 3.28.0, which stems from a path traversal vulnerability in restorerunbackup that could result in writing arbitrary files to the server file syst...
CVE-2022-38613
A Path Traversal vulnerability in SmartVista Cardgen v3.28.0 allows authenticated attackers to read arbitrary files in the system...
CVE-2024-2561
A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads to unrestricte...
PT-2024-21039 · 74Cms · 74Cms
Name of the Vulnerable Software and Affected Versions: 74CMS version 3.28.0 Description: A critical issue has been found in the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads...
CVE-2022-38613
A Path Traversal vulnerability in SmartVista Cardgen v3.28.0 allows authenticated attackers to read arbitrary files in the system...
SmartVista Cardgen Path Traversal Vulnerability
SmartVista Cardgen is a complete subsystem for magnetic and smart chip EMV card personalization from SmartVista. A security vulnerability exists in SmartVista Cardgen version v3.28.0, which stems from a path traversal vulnerability that allows an authenticated attacker to read arbitrary files on...
PT-2022-24480 · Unknown · Smartvista Cardgen
Name of the Vulnerable Software and Affected Versions: SmartVista Cardgen version 3.28.0 Description: A Path Traversal issue allows authenticated attackers to read arbitrary files in the system. Recommendations: For SmartVista Cardgen version 3.28.0, consider restricting access to sensitive files...
BPC SmartVista Cross-Site Scripting Vulnerability
BPC SmartVista is an end-to-end solution for electronic payment systems. A security vulnerability exists in BPC SmartVista version 3.28.0, which stems from its handling of error messages and allows an attacker to execute JavaScript code on the client side...
PT-2022-4411 · Bpc · Bpc Smartvista
Name of the Vulnerable Software and Affected Versions: BPC SmartVista version 3.28.0 Description: The issue concerns reflected XSS vulnerabilities in error message handling, allowing an attacker to execute JavaScript code on the client side. Additionally, there is a vulnerability in the SmartVist...
OPENSUSE-SU-2019:1372-1 Security update for sqlite3
This update for sqlite3 to version 3.28.0 fixes the following issues: Security issues fixed: - CVE-2019-9936: Fixed a heap-based buffer over-read, when running fts5 prefix queries inside transaction (bsc#1130326). - CVE-2019-9937: Fixed a denial of service related to interleaving reads and writes in...