EUVD-2024-17369

Malicious code in bioql PyPI...

CVE-2024-1629

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...

OESA-2024-1616 fdupes security update

FDUPES is a program for identifying duplicate files residing within specified directories. Security Fixes: In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.CVE-2022-48682...

OESA-2024-1615 fdupes security update

FDUPES is a program for identifying duplicate files residing within specified directories. Security Fixes: In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.CVE-2022-48682...

CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...

OESA-2024-1532 fdupes security update

FDUPES is a program for identifying duplicate files residing within specified directories. Security Fixes: In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink.CVE-2022-48682...

UBUNTU-CVE-2022-48682

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink...

CVE-2022-48682

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink...

CVE-2022-48682

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink...

PT-2024-11774 · Fdupes +1 · Fdupes +1

Name of the Vulnerable Software and Affected Versions: FDUPES versions prior to 2.2.0 Description: A TOCTOU race condition in the deletefiles function allows for arbitrary file deletion via a symlink. Recommendations: For FDUPES versions prior to 2.2.0, update to version 2.2.0 or later to resolve...

CVE-2022-48682

CVE-2022-48682 affects FDUPES prior to version 2.2.0, where a TOCTOU race condition enables arbitrary file deletion via a symlink. The vulnerability detail specifies the affected component (FDUPES deletefiles) and the underlying issue (TOCTOU). Exploitation details are not provided in the documen...

CVE-2022-2431

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including 3.2.50. This is due to insufficient file type and path validation on the deleteFiles function found in the /Admin/Menu/Packages.php file that triggers upon download post deletion...