22 matches found
EUVD-2010-1160
Malware in sbrugna...
EUVD-2002-0452
Malware in sbrugna...
EUVD-2016-5756
Malware in sbrugna...
SUSE CVE-2011-2225
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh...
CVE-2022-46255
An improper limitation of a pathname to a restricted directory vulnerability was identified in GitHub Enterprise Server that enabled remote code execution. A check was added within Pages to ensure the working directory is clean before unpacking new content to prevent an arbitrary file overwrite...
The vulnerability of TheFuck programming language package, related to deficiencies in pathname restrictions for directories, allows attackers to compromise data integrity and cause service failures.
The vulnerability of TheFuck programming language package is related to deficiencies in pathname restrictions for directories. Exploiting this vulnerability can allow a malicious actor to compromise data integrity and cause service failures...
The vulnerability of the django.utils.archive.extract method in the Django framework, related to deficiencies in pathname restrictions for directories, allows attackers to compromise data integrity.
The vulnerability of the django.utils.archive.extract method in the Django framework is related to shortcomings in pathname restrictions. Exploiting this vulnerability could allow an attacker to compromise data integrity...
CVE-2020-28010
Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...
The vulnerability of the YARN NodeManager component in Apache Hadoop’s distributed development and execution platform allows attackers to circumvent existing security restrictions and introduce malicious code into a zip file.
The vulnerability of the YARN NodeManager component in Apache Hadoop distributed development and execution platforms exists due to an incorrect pathname limitation for the restricted access directory. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions...
CVE-2016-4771
The kernel in Apple iOS before 10 and OS X before 10.12 allows local users to bypass intended file-access restrictions via a crafted directory pathname...
CVE-2011-2225
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh...
Design/Logic Flaw
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh...
Design/Logic Flaw
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function...
CVE-2010-1129
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function...
CVE-2010-1129
The CVE-2010-1129 issue is in PHP’s safe_mode, where directory pathnames without a trailing slash are not handled correctly, allowing a context-dependent attacker to bypass access restrictions via tempnam usage. Affected: PHP versions before 5.2.13. Mitigation: upgrade to PHP 5.2.13 or later (as ...
CVE-2009-1435
CVE-2009-1435 describes a local denial-of-service vulnerability in Trend Micro OfficeScan Client. The issue affects the NTRtScan.exe component on OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1, where an attacker with local access can cause an application crash by crafting directories with long pat...
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via (1) the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and (2) certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...