126 matches found
CVE-2023-50327 IBM PowerSC weak security
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...
Ateme TITAN File 3.9 - SSRF File Enumeration Vulnerability
Exploit Title: Ateme TITAN File 3.9 - SSRF File Enumeration Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD,...
Ateme TITAN File 3.9 Job Callbacks Server-Side Request Forgery
Ateme TITAN File 3.9 Job Callbacks SSRF File Enumeration Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD, PostProduction, Playout and...
Ateme TITAN File 3.9 - SSRF File Enumeration
Exploit Title: Ateme TITAN File 3.9 - SSRF File Enumeration Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD,...
CVE-2023-23841
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data...
CVE-2023-23841
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data...
Cross site request forgery (csrf)
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data...
Atlassian Bitbucket 6.2.x < 6.2.7 Multiple Vulnerabilities
According to its self-reported version number, the Atlassian Bitbucket application running on the remote host is prior to 5.16.11, 6.0.x prior to 6.0.11, 6.1.x prior to 6.1.9, 6.2.x prior to 6.2.7, 6.3.x prior to 6.3.6, 6.4.x prior to 6.4.4, 6.5.x prior to 6.5.3, 6.6.x prior to 6.6.3, 6.7.x prior...
Atlassian Bitbucket 6.9.x < 6.9.1 Multiple Vulnerabilities
According to its self-reported version number, the Atlassian Bitbucket application running on the remote host is prior to 5.16.11, 6.0.x prior to 6.0.11, 6.1.x prior to 6.1.9, 6.2.x prior to 6.2.7, 6.3.x prior to 6.3.6, 6.4.x prior to 6.4.4, 6.5.x prior to 6.5.3, 6.6.x prior to 6.6.3, 6.7.x prior...
Adobe Acrobat and Reader Input Validation Error Vulnerability (CNVD-2024-25610)
Adobe Acrobat Reader is the United States of America Audobee Adobe, a PDF viewer. A security vulnerability exists in Adobe Acrobat and Reader, which can be exploited by a remote attacker to submit a special file request and trick the user into parsing it, which can cause the application to crash ...
Adobe Acrobat Reader 输入验证错误漏洞
Adobe Acrobat Reader is the United States of America Audobee Adobe, a PDF viewer. A security vulnerability exists in Adobe Acrobat and Reader, which can be exploited by a remote attacker to submit a special file request and trick the user into parsing it, which can cause the application to crash ...
CVE-2022-31089 Invalid file request can crashe parse-server
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
CVE-2022-31089 Invalid file request can crashe parse-server
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability...
Invalid file request can crash server
Impact Certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability impact may be low; if you are running Parse Server as a single instance without redundancy, the availability impact m...
GHSA-XW6G-JJVF-WWF9 Invalid file request can crash server
Impact Certain types of invalid files requests are not handled properly and can crash the server. If you are running multiple Parse Server instances in a cluster, the availability impact may be low; if you are running Parse Server as a single instance without redundancy, the availability impact m...
Authorization
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various files from the server without any authentication or authorization...
Elcomplus SmartPPT Information Disclosure Vulnerability
Elcomplus SmartPPT SCADA Server is an integrated voice and data scheduling software from Elcomplus, Inc. Elcomplus SmartPPT SCADA Server 1.4 is vulnerable to an information disclosure vulnerability that could be exploited by an unauthenticated attacker to request various files from the server...
Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2024-17009)
Foxit PDF Reader is a popular PDF parsing software. Foxit PDF Reader suffers from a buffer overflow vulnerability that can be exploited by a remote attacker to submit a special file request that induces the user to parse it, which can cause the user's program to crash or can be used to execute...
Foxit PDF Reader和Foxit PDF Editor 资源管理错误漏洞
Foxit PDF Reader is a PDF reader. Foxit PDF Reader has a security vulnerability that can be exploited by remote attackers to submit a special file request, which induces the user to parse it and can crash the application or execute arbitrary code in the application context...
CVE-2021-37595
In FreeRDP before 2.4.0 on Windows, wfcliprdrserverfilecontentsrequest in client/Windows/wfcliprdr.c has missing input checks for a FILECONTENTSRANGE File Contents Request PDU...