UBUNTU-CVE-2025-58457

Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...

CVE-2025-58457 Apache ZooKeeper: Insufficient Permission Check in AdminServer Snapshot/Restore Commands

Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...

CVE-2025-58457

CVE-2025-58457 is an issue in ZooKeeper AdminServer where an improper permission check allows an authenticated client with insufficient privileges to run snapshot and restore commands. Affected versions are Apache ZooKeeper 3.9.0 through 3.9.3; the fix is available in 3.9.4.Mitigation steps from ...

SUSE CVE-2025-52904

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. In version 2.32.0 of the web application, all users have a scope assigned, and they only have access to the files within that scope. The Command...

CalendarixCalPath远程文件包含漏洞

Calendarix是运行在PHP和MySQL上的基于Web的日历。Calendarix在处理文件包含时存在问题，远程攻击者可能利用此漏洞在主机上执行任意命令。Calendarix中存在远程文件包含漏洞，起因是应用程序没能正确的过滤用户提供的输入。攻击者可以利用这个漏洞在受影响的机器上以Web Server进程的权限执行任意服务器端脚本。 Advanced 1.5.20050501 如果您不能立刻安装补丁或者升级， 建议您采取以下措施以降低威胁： 禁用allowurlfopen和registerglobals命令。 厂商补丁： Calendarix ----------...

PT-2001-2170 · Ipswitch · Ws Ftp

Name of the Vulnerable Software and Affected Versions: WS FTP version 2.02 Description: The issue allows remote attackers to execute arbitrary code via long arguments to several commands, including DELE, MDTM, MLST, MKD, RMD, RNFR, RNTO, SIZE, STAT, XMKD, or XRMD. Recommendations: For WS FTP...