37 matches found
CVE-2024-24496
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components...
CVE-2024-46464
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user access can be manipulated to render the host computer unavailable or to execute programs with an elevation of privilege...
PHPVibe Code Issue Vulnerability
PHPVibe is a free video management system from PHPVibe, Inc. A code issue vulnerability exists in PHPVibe version 11.0.46, which stems from a manipulation of parameter files that can lead to unrestricted file uploads...
CVE-2024-1511
The parisneo/lollms-webui repository is susceptible to a path traversal vulnerability due to inadequate validation of user-supplied file paths. This flaw allows an unauthenticated attacker to read, write, and in certain configurations execute arbitrary files on the server by exploiting various...
CVE-2023-2315 Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server...
CVE-2023-23342
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented...
Input validation
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented...
CVE-2023-29749
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the SharedPreference files...
CVE-2023-25396
Privilege escalation in the MSI repair functionality in Caphyon Advanced Installer 20.0 and below allows attackers to access and manipulate system files...
CVE-2022-4030
The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 6.8 via the 'file' parameter which can be manipulated during user avatar deletion. This makes it possible for attackers, with minimal permissions such as a subscriber, to supply paths to...
Publify vulnerable to cross site scripting
Unrestricted file upload allowed the attacker to manipulate the request and bypass the protection of HTML files using a text file. Stored XSS may be obtained...
[SECURITY] Fedora 34 Update: libxml2-2.9.14-1.fc34
This library allows manipulating XML files. It includes support to read, modify and write XML and HTML files. There is DTD support; this includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
ALSA-2022:1810 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: a buffer overflow via the "invertImage" may lead to DoS (CVE-2020-19131). For more details about the security issues, including the impact, a CVSS score, acknowledgments...
Code injection
In Miele Benchmark Programming Tool with versions prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with the user's privileges. An attacker with low privileges may trick a user with administrative privileges to execute these binaries as admin...
CVE-2022-20716
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on...
Mozilla Firefox Security Advisory (MFSA2015-24) - Linux
This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Low: zziplib security update
The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file() (CVE-2020-18442). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...
libtiff security update
An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libtiff packages contain a library of functions for manipulating Tagged...
RLSA-2020:4634 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c (CVE-2019-17546). For more details about the security issues, including the impact, a CVSS score,...
[SECURITY] [DSA 4675-1] graphicsmagick security update
Debian Security Advisory DSA-4675-1 https://www.debian.org/security/ Salvatore Bonaccorso May 05, 2020 https://www.debian.org/security/faq ...