Lucene search
K

10 matches found

NVD
NVD
added 2025/03/14 4:15 p.m.11 views

CVE-2023-45588

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

8.2CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/14 3:46 p.m.10 views

CVE-2023-45588

An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...

8.2CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/24 8:47 a.m.19 views

CVE-2024-9142 Local File Inclusion (LFI) in Olgu Computer Systems' e-Belediye

External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642...

9.4CVSS0.00422EPSS
Exploits0References2
CVE
CVE
added 2024/07/11 2:39 a.m.45 views

CVE-2024-23317

The CVE-2024-23317 issue affects Gallagher Controller 6000 and Controller 7000 (versions 8.60 and earlier; 8.70 before 8.70.240520a; 8.80 before 8.80.240520a; 8.90 before 8.90.240520a; 9.00 before 9.00.240521a; 9.10 before 9.10.240520a). Root cause is External Control of File Name or Path (CWE-73...

6.3CVSS6.6AI score0.00165EPSS
Exploits0References1
ICS
ICS
added 2023/11/30 7:0 a.m.25 views

Mitsubishi Electric FA Engineering Software Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...

7.8CVSS7.9AI score0.00261EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/08/08 12:0 a.m.34 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Dompdf vulnerabilities (USN-6277-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6277-1 advisory. It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstance...

9.8CVSS8AI score0.04556EPSS
Exploits2References6
CVE
CVE
added 2022/07/13 9:11 p.m.62 views

CVE-2022-34765

CVE-2022-34765 is a CWE-73 vulnerability (External Control of File Name or Path) affecting Schneider Electric X80 advanced RTU Communication Module BMENOR2200H (V2.01 and later) and OPC UA Modicon Communication Module BMENUA0100 (V1.10 and prior). The issue arises when user-controlled data can in...

5.5CVSS5.2AI score0.00485EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/01/04 4:35 p.m.21 views

CVE-2021-3845 External Control of File Name or Path in netristv/ws-scrcpy

ws-scrcpy is vulnerable to External Control of File Name or Path...

7.7AI score0.01227EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/06/02 12:0 a.m.68 views

QNAP Photo Station Multiple Vulnerabilities (NAS-201911-25) - Active Check

QNAP Photo Station is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

10CVSS9.6AI score0.89681EPSS
Exploits12References5
Cvelist
Cvelist
added 2018/06/26 4:0 p.m.31 views

CVE-2018-1000532

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users...

5AI score0.0035EPSS
Exploits0References1
Rows per page
Query Builder