Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.6 views

CVE-2024-52793

The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, http/file-server's serveDir with showDirListing: true option is vulnerable to cross-site scripting when the attacker is a user who can control file names in the source directory on systems with POSIX file names...

5.1CVSS6.2AI score0.00587EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/07/08 11:12 a.m.4 views

less: OS command injection

An OS command injection flaw was found in Less. Since quoting is mishandled in filename.c, opening files with attacker-controlled file names can lead to OS command execution. Exploitation requires the LESSOPEN environment variable, which is set by default in many common cases...

8.6CVSS6.8AI score0.00628EPSS
Exploits0References6
OSV
OSV
added 2024/04/13 3:15 p.m.38 views

CVE-2024-32487

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

8.6CVSS6.4AI score
Exploits0References6
CVE
CVE
added 2024/04/13 12:0 a.m.210 views

CVE-2024-32487

CVE-2024-32487 affects the less utility. The issue allows OS command execution via a newline character in a file name due to faulty quoting in filename.c (affecting versions up to 653). Exploitation typically requires attacker-controlled file names (e.g., from an untrusted archive) and the LESSOP...

8.6CVSS9.2AI score0.00628EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2019/10/25 12:0 a.m.3 views

PT-2019-6064 · Qnap · Qnap Photo Station

Name of the Vulnerable Software and Affected Versions: QNAP Photo Station affected versions not specified Description: This issue allows remote attackers to access or modify system files due to external control of file name or path. It is related to incorrect limitation of the directory path name...

10CVSS9.5AI score0.88213EPSS
Exploits10References8
Rows per page
Query Builder