The vulnerability of the Tidal component of the Alpine iLX-507 audio system allows a hacker to execute arbitrary code.

The vulnerability of the Tidal component of the Alpine iLX-507 audio system is related to an incorrect restriction on the name path to the restricted-access catalog. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Vulnerability of the iblock module in the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to protected information

Vulnerability of the iblock module in the Content Management System CMS of 1C-Bitrix: Website management is associated with errors in processing the relative path to the catalog. Exploiting this vulnerability can allow unauthorized users to gain unauthorized access to protected information...

Vulnerability of the iblock module in the 1C-Bitrix website management system: Website management that allows attackers to gain unauthorized access to protected information

Vulnerability of the iblock module in the Content Management System CMS of 1C-Bitrix: Website management is associated with errors in processing the relative path to the catalog. Exploiting this vulnerability can allow unauthorized users to gain unauthorized access to protected information...

The vulnerability in the web interface of the Cisco Unified Contact Center Express software’s operator management software allows a perpetrator to escalate their privileges and execute arbitrary code.

The vulnerability in the web interface of the Cisco Unified Contact Center Express Unified CCX software for managing operator operations is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability can allow a perpetrator to enhance their privileges...

The vulnerability of the Jenkins continuous integration server’s HTML plugin arises from incorrect path name restrictions for the catalog directory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins automation server plugin is related to an incorrect restriction on the path to the catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the OAM service of the Nokia Single RAN network management platform allows a hacker to enhance their privileges.

The vulnerability of the OAM service of the Nokia Single RAN network management platform is related to incorrect restrictions on the path name to the catalog, leading to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of hybrid cloud solutions for managing thin clients in the Dell Wyse Management Suite arises from incorrect restrictions on path names to the catalog. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the hybrid cloud solution for managing thin clients in the Dell Wyse Management Suite is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protect...

The vulnerability in the visual integrated development environment for creating Mendix Studio Pro applications arises from incorrect restrictions on the path to the restricted access catalog. This allows attackers to write arbitrary files.

The vulnerability in the visual integrated development environment for creating Mendix Studio Pro applications is related to incorrect restrictions on the path to the restricted catalog during module installation. Exploiting this vulnerability allows a malicious actor to write arbitrary files...

The vulnerability of the “Termide Virtual Desktops Connection Manager” software server arises from incorrect restrictions on the path to the restricted access catalog. This allows attackers to execute attacks by bypassing the specified path.

The vulnerability of the "Termide Virtual Desktops Connection Manager" software server is related to an incorrect limitation on the path to the restricted access catalog. Exploitation of this vulnerability allows a malicious actor to perform attacks by bypassing the specified path...

VulnCheck KEV: CVE-2016-2389

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence xMII component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. dot dot in the Path parameter to /Catalog, aka SAP Security Note 2230978...

The vulnerability of the MagicINFO 9 centralized multimedia content management system lies in the improper restriction on the path name to the restricted catalog. This allows a malicious actor to gain access and add arbitrary files.

The vulnerability of the MagicINFO 9 multi-media content centralized management system is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain access and add arbitrary files...

The vulnerability of the PERCo-Web access control system, related to incorrect restrictions on the path name to the catalog, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the PERCo-Web access control system is related to incorrect restrictions on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of CommVault’s backup and disaster recovery platform, related to incorrect restrictions on the path to the restricted-access catalog, allows a perpetrator to execute arbitrary code.

The vulnerability of CommVault’s backup and disaster recovery platform lies in the improper limitation of the path name to the restricted-access catalog. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing lies in errors in the processing of the relative path to the catalog. This allows attackers to execute arbitrary code.

The vulnerability of NVIDIA NeMo’s integrated platform for training and applying neural networks in speech processing and natural language processing is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow attackers to execute arbitrary code...

The vulnerability of SAP Capital Yield Tax Management software lies in incorrect restrictions on the path to the catalog, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the SAP Capital Yield Tax Management software relates to incorrect restrictions on the path name to the catalog. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the graphical interface of the FortiSIEM security management system allows attackers to increase their privileges.

The vulnerability of the FortiSIEM security management graphical interface is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow a malicious actor to enhance their privileges through specially crafted HTTP requests...

The vulnerability of the SIEM system testing tool Kraken Stress Testing Toolkit lies in the incorrect restriction on the path name to the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the SIEM systems’ load testing tools, such as the Kraken Stress Testing Toolkit, is related to incorrect restrictions on the path name to the catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

The vulnerability of the N-able N-central monitoring and management platform for IT infrastructure lies in the incorrect restriction on the path name to the catalog, allowing attackers to read arbitrary files.

The vulnerability of the N-able N-central monitoring and management platform relates to an incorrect limitation on the path name for the /WEB-INF directory in the Apache Tomcat application. Exploiting this vulnerability allows a malicious actor to read arbitrary files...

The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a hacker to write these files in the context of the current user.

The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to incorrect restrictions on the path name for accessing the restricted catalog. Exploiting this vulnerability allows a malicious actor to write files under th...

The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a hacker to record these files in the context of the current user.

The vulnerability of the DCM files on the medical image and data management system, as well as those on the Sante PACS Server, is related to incorrect restrictions on the path name for accessing the restricted catalog. Exploiting this vulnerability allows a malicious actor to write files under th...