19 matches found
CVE-2020-5301
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...
Linux Distros Unpatched Vulnerability : CVE-2021-39134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarante...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a TOCTOU Race Condition vulnerability in Apache Tomcat [CVE-2024-56337]
Summary IBM Watson Speech Services Cartridge is vulnerable to a Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache Tomcat, caused by JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. CVE-2024-56337. Apache Tomcat is used by our...
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat
CVE-2024-50379 Exploitation and POC This repository contains...
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write non-default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from...
CVE-2024-50379
Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write non-default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from...
CVE-2024-50379 Apache Tomcat: RCE due to TOCTOU issue in JSP compilation
Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write non-default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from...
Apache Tomcat 10.1.0.M1 < 10.1.34 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 10.1.34. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat10.1.34security-10 advisory. - Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomc...
CVE-2024-23331
CVE-2024-23331 (Vite) : The Vite dev server option server.fs.deny can be bypassed on case-insensitive file systems by using case-augmented filenames. The issue occurs because picomatch defaults to case-sensitive glob matching, while the file server does not, enabling a blacklist bypass and potent...
OS Command Injection
github.com/gogs/gogs is vulnerable to OS Command Injection. The vulnerability exists because the isRepositoryGitPath function of repoeditor.go does not properly check the git path on case-insensitive file systems, which allows an attacker to upload malicious file configs into the system...
CVE-2021-39134
A flaw was found in nodejs-arborist. On case-insensitive file systems such as macOS and Windows, Arborist’s internal data structure did not see multiple dependencies as separate items that could coexist within the same level in the nodemodules hierarchy when they differ only in the case of their...
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links
Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in...
GLSA-202104-01 : Git: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-202104-01 Git: User-assisted execution of arbitrary code It was discovered that Git could be fooled into running remote code during a clone on case-insensitive file systems with support for symbolic links, if Git is configured...
MGASA-2021-0137 Updated git packages fix a security vulnerability
On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone CVE-2021-21300...
Information Exposure on Case Insensitive File Systems in serve
Versions of serve before 7.0.0 are vulnerable to information exposure, bypassing the ignore security control, but only on case insensitive file systems. Recommendation Update to version 7.0.0 or later...
GHSA-686G-3XR3-X4X6 Information Exposure on Case Insensitive File Systems in serve
Versions of serve before 7.0.0 are vulnerable to information exposure, bypassing the ignore security control, but only on case insensitive file systems. Recommendation Update to version 7.0.0 or later...
Information Exposure on Case Insensitive File Systems
Overview Versions of serve before 7.0.0 are vulnerable to information exposure, bypassing the ignore security control, but only on case insensitive file systems. Recommendation Update to version 7.0.0 or later. References - HackerOne Report - GitHub Advisory...
Unrestricted file upload
FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains uppercase letters, as demonstrated...
CVE-2006-4110
Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase or alternate case characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems...