10 matches found
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2023-45588
An external control of file name or path vulnerability CWE-73 in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process...
CVE-2024-9142 Local File Inclusion (LFI) in Olgu Computer Systems' e-Belediye
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls. This issue affects e-Belediye: before 2.0.642...
CVE-2024-23317
The CVE-2024-23317 issue affects Gallagher Controller 6000 and Controller 7000 (versions 8.60 and earlier; 8.70 before 8.70.240520a; 8.80 before 8.80.240520a; 8.90 before 8.90.240520a; 9.00 before 9.00.240521a; 9.10 before 9.10.240520a). Root cause is External Control of File Name or Path (CWE-73...
Mitsubishi Electric FA Engineering Software Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Dompdf vulnerabilities (USN-6277-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6277-1 advisory. It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstance...
CVE-2022-34765
CVE-2022-34765 is a CWE-73 vulnerability (External Control of File Name or Path) affecting Schneider Electric X80 advanced RTU Communication Module BMENOR2200H (V2.01 and later) and OPC UA Modicon Communication Module BMENUA0100 (V1.10 and prior). The issue arises when user-controlled data can in...
CVE-2021-3845 External Control of File Name or Path in netristv/ws-scrcpy
ws-scrcpy is vulnerable to External Control of File Name or Path...
QNAP Photo Station Multiple Vulnerabilities (NAS-201911-25) - Active Check
QNAP Photo Station is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
CVE-2018-1000532
beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS. This attack appear to be exploitable via The system must allow local users...