65 matches found
CVE-2022-22931 Path traversal in Apache James 3.6.1
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...
CVE-2022-22931 Path traversal in Apache James 3.6.1
Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores limited to user names being prefixed by the value of the username being used...
Nagios XI Local Elevation of Privilege Vulnerability (CNVD-2021-90916)
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization.A local elevation of privilege vulnerability exists in versions of Nagios XI prior to 5.8.5. The vulnerability stems from the fact tha...
CVE-2021-37347
Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument...
Privilege escalation
Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument...
CVE-2021-37347
Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because getprofile.sh does not validate the directory name it receives as an argument...
Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once
Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once. Purpose Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because...
Apple watchOS 路径遍历漏洞
Apple watchOS is an operating system for smartwatches from Apple. A path traversal vulnerability exists in watchOS, which stems from insufficient validation of directory paths. The following products and versions are affected: watchOS: 7.0 18R382, 7.0.1 18R395, 7.0.2 18R402, 7.0.3 18R410, 7.1...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. An out-of-bounds array access in xfrmpolicyunlink allows an attacker to crash the OS due to the way directory validation are handled...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4808)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4808 advisory. - floppy: fix out-of-bounds read in copybuffer Denis Efremov Orabug: 30318219 CVE-2019-14283 Tenable has extracted the preceding description block...
CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
DEBIAN-CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
Out-of-bounds
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
CVE-2019-15666
An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation...
Linux kernel out-of-bounds array access vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions prior to 5.0.19, which stems from verifynewpolicyinfo in the net/xfrm/xfrmuser.c file failing to properly hand...
JVN#83826673: The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries
The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting provided by Micco use the old version of Self-Extracting Archives created by UNLHA32.DLL. They contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427, CVE-2018-16189. Impact Arbitrary...
Cisco Prime Collaboration Provisioning Tool Arbitrary File Overwrite Vulnerability
Cisco Prime Collaboration Provisioning Tool is a set of Web-based, next-generation communications services tools from Cisco. The tool provides IP communication services capabilities for IP telephony, voice mail and unified communications environments. A security vulnerability exists in the batch...