Lucene search

12 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2018-4984

Malware in sbrugna...

CVSS 5.3 | AI score 5.5 | EPSS 0.00166
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-37528

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.00479
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-29985

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.00436
Exploits 1 | References 2

Vulnrichment
added 2023/08/03 12:0 a.m., 19 views

CVE-2023-33365

A path traversal vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows unauthenticated attackers to fetch arbitrary files from the server's web server...

AI score 7.1 | EPSS 0.00479
Exploits 0 | References 2

Ivanti
added 2023/02/14 7:22 a.m., 6 views

JSA10470 - Pre-authentication CGI script fails to fully validate all parameters

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. CGI scripts accessible during pre-authentication may fail to verify the validity of values supplied as parameters. This could lead to the arbitrary fetching of ".exe" files from the...

AI score 7.1
Exploits 0

RubySec
added 2020/11/13 12:0 a.m., 19 views

Remote code execution in dependabot-core branch names when cloning

Impact: Remote code execution vulnerability in dependabot-common and dependabot-gomodules when a source branch name contains malicious injectable bash code. For example, if Dependabot is configured to use the following source branch name: "/$curl,127.0.0.1", Dependabot will make an HTTP request to...

CVSS 8.8 | AI score 7.6 | EPSS 0.00477
Exploits 1 | References 1 | Affected Software 1

NVD
added 2020/11/02 10:15 p.m., 8 views

CVE-2020-7758

This affects versions of package browserless-chrome before 1.40.2-chrome-stable. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server...

CVSS 7.5 | AI score 7.5 | EPSS 0.00411
Exploits 1 | References 4

Prion
added 2016/10/31 10:59 a.m., 13 views

Design/Logic Flaw

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

CVSS 4.3 | AI score 6.8 | EPSS 0.00329
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2016/10/31 10:0 a.m., 22 views

CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

AI score 8.4 | EPSS 0.00329
Exploits 1 | References 2

Debian CVE
added 2016/10/31 10:0 a.m., 24 views

CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

CVSS 8.6 | AI score 8.5 | EPSS 0.00329
Exploits 1

Check Point Advisories
added 2014/11/16 12:0 a.m., 2 views

NetBSD tnftp fetch.c fetch_url Command Execution (CVE-2014-8517)

A command execution vulnerability has been reported in NetBSD tnftp. The vulnerability is due to insufficient validation of the ftp output file name when using an HTTP URI to fetch files. A remote, unauthenticated attacker could exploit this vulnerability by enticing a user to open a malicious UR...

CVSS 7.5 | AI score 5 | EPSS 0.84981
Exploits 8

securityvulns
added 2005/11/22 12:0 a.m., 36 views

[Full-disclosure] Torrential 1.2 getdox.php Directory Traversal

I was poking around my own server because I had an installation of torrential and found this vuln. The problem lies in getdox.php. It works by taking an argument after a "/". This specifies a file. The DOX folder that it grabs the files from is located in /dox such that / is the directory that t...

Exploits 0