CVE-2022-46660

An unauthorized user could alter or write files with full control over the path and content of the file...

Proficy Historian 代码问题漏洞

GE Digital Proficy Historian is a powerful tool with storage analysis and data collection capabilities from GE Digital. A code issue vulnerability exists in Proficy Historian v7.0 and prior versions, which arises from a code issue that allows an unauthorized user to change or write files with ful...

CVE-2022-46660

An unauthorized user could alter or write files with full control over the path and content of the file...

CVE-2020-36611

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components allows local users to read and write specific...

PT-2023-1154 · Ge · Proficy Historian

Name of the Vulnerable Software and Affected Versions: GE Proficy Historian affected versions not specified Description: The issue is related to the implementation of the MSO protocol in the GE Proficy Historian platform, which allows for unlimited upload of dangerous file types. This could enabl...

CVE-2022-3184

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the device’s existing firmware allows unauthenticated users to access an old PHP page vulnerable to directory traversal, which may allow a user to write a file to the webroot directory...

SUSE SLES15 Security Update : buildah (SUSE-SU-2022:4349-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4349-1 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building ...

多款Hitachi产品安全漏洞

Hitachi Ops Center Analyzer and Hitachi Infrastructure Analytics Advisor are both products of Hitachi, Japan.Hitachi Ops Center Analyzer is a data center management software. It monitors, reports, and correlates end-to-end performance from servers to storage.Hitachi Infrastructure Analytics Advis...

Cisco TelePresence Collaboration Endpoint Software和RoomOS Software 路径遍历漏洞

Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the U.S. company Cisco Cisco.Cisco RoomOS Software is a set of automatic management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisc...

Cisco TelePresence Collaboration Endpoint Software和RoomOS Software 路径遍历漏洞

Cisco RoomOS Software and Cisco TelePresence Collaboration Endpoint Software are both products of the U.S. company Cisco Cisco.Cisco RoomOS Software is a set of automatic management software for Cisco devices. The software is mainly used for upgrading and managing the motherboard firmware of Cisc...

Huawei HarmonyOS 代码问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, full-scenario distributed operating system. Huawei HarmonyOS is vulnerable to a deserialization vulnerability in the NFC module that results from insecure deserialization of serialized data submitted by th...

CVE-2022-27621

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors...

CVE-2022-27621

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in webapi component in Synology USB Copy before 2.2.0-1086 allows remote authenticated users to read or write arbitrary files via unspecified vectors...

CVE-2022-36987

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server...

ABB Mint WorkBench 安全漏洞

ABB Mint WorkBench is a single Windows tool from ABB Switzerland that is compatible with the ABB family of motion controllers and servo drives. A security vulnerability exists in ABB Mint WorkBench 5866 and prior versions that originated from allowing a low-privileged attacker to create and write...

ABB Drive Composer 后置链接漏洞

ABB Drive Composer is a 32-bit Windows application from ABB Switzerland. It is used to commission and maintain ABB Common Architecture drives. ABB Drive Composer is affected by a security vulnerability that originates from a vulnerability that allows an attacker with low privileges to create and...

Dragonfly 参数注入漏洞

Dragonfly is a framework that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly version v1.3.0, which can be exploited by an attacker to read and write arbitrary files...

CVE-2022-20809 Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

CVE-2022-20809

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

CVE-2022-20806

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...