21 matches found
Daptin has Unauthenticated Path Traversal and Zip Slip
Impact The cloudstore.file.upload action in server/actions/actioncloudstorefileupload.go writes user-supplied filenames directly to disk without proper validation. This allows unauthenticated attackers to perform path traversal and zip slip attacks, leading to arbitrary file write and potential...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the cloudstore.file.upload action. An attacker can write arbitrary files to the filesystem and potentially execute code by supplying crafted filenames that exploit path traversal and zip slip vulnerabilities...
GHSA-9CP7-J3F8-P5JX Daptin has Unauthenticated Path Traversal and Zip Slip
Impact The cloudstore.file.upload action in server/actions/actioncloudstorefileupload.go writes user-supplied filenames directly to disk without proper validation. This allows unauthenticated attackers to perform path traversal and zip slip attacks, leading to arbitrary file write and potential...
EUVD-2019-9880
Malware in sbrugna...
Malicious code in CloudStore (npm)
The package CloudStore was found to contain malicious code...
MAL-2025-17186 Malicious code in CloudStore (npm)
The package CloudStore was found to contain malicious code...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
PT-2024-38524 · Unknown · Weaver E-Cology
Name of the Vulnerable Software and Affected Versions: Weaver e-cology version 8 Description: A vulnerability was found in the Source Code Handler component of Weaver e-cology, affecting an unknown function of the file /cloudstore/ecode/setup/ecology dev.zip. This issue leads to information...
The vulnerability of the Windows CloudStore storage service on Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the Windows CloudStore storage service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
Privilege escalation
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
CVE-2019-1321
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL, aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'...
CVE-2019-1321
CVE-2019-1321 : An elevation-of-privilege flaw in Windows CloudStore occurs when a Discretionary Access Control List (DACL) is mishandled. Technical description across connected documents confirms the issue is a local-elevation vulnerability in Windows CloudStore. The NVD entry lists CVSS results...
Microsoft Windows Multiple Vulnerabilities (KB4520010)
This host is missing a critical security update according to Microsoft KB4520010 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows CloudStore Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List DACL. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacke...
Microsoft Windows CloudStore CVE-2019-1321 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft...