86 matches found
openSUSE: Security Advisory for deepin (openSUSE-SU-2023:0424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2023:0424-1 Security update for deepin-compressor
This update for deepin-compressor fixes the following issues: - CVE-2023-50255: Fix Zip Path Traversal boo1218428...
OPENSUSE-SU-2023:0423-1 Security update for deepin-compressor
This update for deepin-compressor fixes the following issues: - CVE-2023-50255: Fix Zip Path Traversal boo1218428...
Security update for deepin-compressor (moderate)
openSUSE Security Update: Security update for deepin-compressor Announcement ID: openSUSE-SU-2023:0423-1 Rating: moderate References: 1218428 Cross-References: CVE-2023-50255 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: Thi...
Security update for deepin-compressor (moderate)
openSUSE Security Update: Security update for deepin-compressor Announcement ID: openSUSE-SU-2023:0424-1 Rating: moderate References: 1218428 Cross-References: CVE-2023-50255 Affected Products: openSUSE Backports SLE-15-SP4 An update that fixes one vulnerability is now available. Description: Thi...
CVE-2023-5245
FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...
CVE-2023-30678
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...
Path traversal
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...
CVE-2023-30678
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...
CVE-2023-30678
CVE-2023-30678 affects the Calendar application on Android 13 prior to version 12.4.07.15, due to a potential ZIP path traversal that could allow an attacker to write arbitrary files. Impact is write access to arbitrary files; no exploitation details are provided in the documents. Remediation: up...
PT-2023-22875 · Google · Android
Name of the Vulnerable Software and Affected Versions: Calendar application versions prior to 12.4.07.15 Description: The issue allows attackers to write arbitrary files due to a potential zip path traversal vulnerability in the Calendar application. This vulnerability is present in Android 13...
CVE-2022-34271 Apache Atlas: zip path traversal in import functionality
A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0...
CVE-2022-2711
The Import any XML or CSV File to WordPress plugin before 3.6.9 is not validating the paths of files contained in uploaded zip archives, allowing highly privileged users, such as admins, to write arbitrary files to any part of the file system accessible by the web server via a path traversal vect...
CVE-2021-41547
A vulnerability has been identified in Teamcenter Active Workspace V4.3 All versions V4.3.11, Teamcenter Active Workspace V5.0 All versions V5.0.10, Teamcenter Active Workspace V5.1 All versions V5.1.6, Teamcenter Active Workspace V5.2 All versions V5.2.3. The application contains an unsafe...
CVE-2021-41547
A vulnerability has been identified in Teamcenter Active Workspace V4.3 All versions V4.3.11, Teamcenter Active Workspace V5.0 All versions V5.0.10, Teamcenter Active Workspace V5.1 All versions V5.1.6, Teamcenter Active Workspace V5.2 All versions V5.2.3. The application contains an unsafe...
Path traversal
A vulnerability has been identified in Teamcenter Active Workspace V4.3 All versions V4.3.11, Teamcenter Active Workspace V5.0 All versions V5.0.10, Teamcenter Active Workspace V5.1 All versions V5.1.6, Teamcenter Active Workspace V5.2 All versions V5.2.3. The application contains an unsafe...
CVE-2021-41547
CVE-2021-41547 affects Siemens Teamcenter Active Workspace (versions V4.3 < 4.3.11, V5.0 < 5.0.10, V5.1 < 5.1.6, V5.2
CVE-2021-41547
A vulnerability has been identified in Teamcenter Active Workspace V4.3 All versions V4.3.11, Teamcenter Active Workspace V5.0 All versions V5.0.10, Teamcenter Active Workspace V5.1 All versions V5.1.6, Teamcenter Active Workspace V5.2 All versions V5.2.3. The application contains an unsafe...
CVE-2020-4993
IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature of zip files processes data in a way that may be vulnerable to path traversal attacks. IBM X-Force ID: 192905...
Siemens Solid Edge Viewer ZIP Path Traversal Remote Code Execution Vulnerability
The vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...