EUVD-2024-17369

Malicious code in bioql PyPI...

CVE-2024-1629

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...

CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component...

PT-2024-11774 · Fdupes +1 · Fdupes +1

Name of the Vulnerable Software and Affected Versions: FDUPES versions prior to 2.2.0 Description: A TOCTOU race condition in the deletefiles function allows for arbitrary file deletion via a symlink. Recommendations: For FDUPES versions prior to 2.2.0, update to version 2.2.0 or later to resolve...

CVE-2022-2431

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including 3.2.50. This is due to insufficient file type and path validation on the deleteFiles function found in the /Admin/Menu/Packages.php file that triggers upon download post deletion...