6 matches found
CVE-2024-41163
CVE-2024-41163 affects Veertu Anka Build 1.42.0. A directory traversal flaw resides in the archive functionality, exploitable via unauthenticated HTTP requests to the registry endpoints (for example, /api/v1/registry/log/archive or /log/archive), allowing disclosure of sensitive files. CVSSv3.1 b...
CVE-2023-38633
A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside of the expected area, as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element...
Debian: Security Advisory (DSA-4747-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2343-1 : icingaweb2 security update
A directory traversal vulnerability was discovered in Icinga Web 2, a web interface for Icinga, which could result in the disclosure of files readable by the process. For Debian 9 stretch, this problem has been fixed in version 2.4.1-1+deb9u1. We recommend that you upgrade your icingaweb2 package...
Oracle Hyperion Planning 11.1.2.3 - XML External Entity
Oracle Hyperion Planning 11.1.2.3 - XML External Entity - Exploit Title: XXE Injection Oracle Hyperion - Exploit Author: Lucas Dinucci [email protected] - Twitter: @identik1t - Vendor Homepage: https://www.oracle.com/applications/performance-management - Date: 02/11/2019 - Affected Product:...
Debian: Security Advisory (DSA-3218-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...