123 matches found

SUSE CVE
added 2023/02/15 4:55 a.m. | 2 views

SUSE CVE-2016-9772

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...

5.3 CVSS | 6.7 AI score | 0.01685 EPSS
Exploits 0 | References 3

Samba
added 2022/10/25 12:0 a.m. | 60 views

Buffer overflow in Heimdal unwrap_des3()

Description: The DES (for Samba 4.11 and earlier) and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc-allocated memory when presented with a maliciously small packet. Examples of where Samba can use GSSAPI include the client and...

6.5 CVSS | 0.0369 EPSS
Exploits 0

BDU FSTEC
added 2022/08/04 12:0 a.m. | 5 views

The vulnerability of the Fileserver application of the Apache ActiveMQ software platform, which allows a hacker to download and execute any file they desire.

The vulnerability of the Fileserver application of the Apache ActiveMQ software platform exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to upload and execute any file using the HTTP PUT method, followed by an HTTP MOVE request...

10 CVSS | 7.9 AI score | 0.98518 EPSS
Exploits 19 | References 6 | Affected Software 3

OpenVAS
added 2022/05/25 12:0 a.m. | 33 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1763)

The remote host is missing an update for the Huawei EulerOS...

9 CVSS | 8 AI score | 0.74042 EPSS
Exploits 1 | References 2

Github Security Blog
added 2022/05/14 1:14 a.m. | 40 views

Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

5 CVSS | 9 AI score | 0.84408 EPSS
Exploits 7 | References 13 | Affected Software 1

CISA KEV Catalog
added 2022/02/10 12:0 a.m. | 20 views

Apache ActiveMQ Improper Input Validation Vulnerability

The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8 CVSS | 7.2 AI score | 0.98518 EPSS
In wild | Exploits 19

GithubExploit
added 2021/03/11 5:54 a.m. | 6 views

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq

CVE-2016-3088 Apache ActiveMQ Remote Code Execution Exploit...

9.8 CVSS | 8.7 AI score | 0.98518 EPSS
Exploits 19

Veracode
added 2020/01/30 7:42 a.m. | 15 views

Path Traversal

md-fileserver is vulnerable to path traversal. The attack is possible because of improperly configured permissions on the files under the user's home directory on the server, allowing anyone with remote access to access other users' files...

5.2 AI score
Exploits 0

NVD
added 2020/01/10 9:15 p.m. | 20 views

CVE-2012-4603

Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver...

9.3 CVSS | 7.9 AI score | 0.06942 EPSS
Exploits 0 | References 4

CVE
added 2020/01/10 8:22 p.m. | 147 views

CVE-2012-4603

CVE-2012-4603 affects Citrix XenApp Online Plug-in for Windows (12.1 and earlier) and Citrix Receiver for Windows (3.2 and earlier). The reported vulnerability allows remote code execution when a user opens a specially crafted file from an SMB or WebDAV fileserver. The initial description does not sp...

9.3 CVSS | 7.9 AI score | 0.06942 EPSS
Exploits 0 | References 4 | Affected Software 2

IBM Security Bulletins
added 2019/10/01 6:52 p.m. | 27 views

Security Bulletin: IBM Security Guardium is affected by a FileServer functionality vulnerability

Summary: IBM Security Guardium has addressed the following vulnerability. Vulnerability Details: CVEID: CVE-2019-4292. DESCRIPTION: IBM Security Guardium could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable web server. CV...

8.8 CVSS | 2 AI score | 0.03741 EPSS
Exploits 0 | Affected Software 1

Hacker One
added 2019/03/14 3:6 p.m. | 17 views

Node.js third-party modules: [md-fileserver] Path Traversal

I would like to report path traversal in md-fileserver module. It allows an attacker to read system files via path traversal through commandline. Module: module name: md-fileserver, version: 1.3.2, npm page: https://www.npmjs.com/package/md-fileserver. Module Description: Starts a local server to rende...

0.9 AI score
Exploits 0

VulnCheck KEV
added 2018/09/19 12:0 a.m. | 2 views

VulnCheck KEV: CVE-2016-3088

The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8 CVSS | 7.5 AI score | 0.98518 EPSS
Exploits 19 | References 1

Tenable Nessus
added 2018/09/19 12:0 a.m. | 120 views

Apache ActiveMQ 5.x < 5.14.0 ActiveMQ Fileserver web application remote code execution (Xbash)

The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.14.0. It is, therefore, affected by a remote code execution vulnerability. The Fileserver web application allows remote attackers to upload and execute arbitrary files...

9.8 CVSS | 9.6 AI score | 0.98518 EPSS
Exploits 19 | References 2

Prion
added 2018/06/07 2:29 a.m. | 11 views

Directory traversal

cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

5 CVSS | 7.4 AI score | 0.02005 EPSS
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2018/06/07 2:0 a.m. | 22 views

CVE-2017-16122

cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

7.4 AI score | 0.02005 EPSS
Exploits 1 | References 2

CVE
added 2018/06/07 2:0 a.m. | 55 views

CVE-2017-16122

Summary: CVE-2017-16122 affects the simple fileserver named cuciuci, where a directory traversal vulnerability exists via the URL containing sequences like ../. This can allow an attacker to access files outside the intended directory root, potentially disclosing private files. The issue is docu...

7.5 CVSS | 7.4 AI score | 0.02005 EPSS
Exploits 1 | References 2 | Affected Software 1

seebug.org
added 2017/07/04 12:0 a.m. | 236 views

Apache ActiveMQ Fileserver remote code execution vulnerability (CVE-2016-3088)

Author: The know Chong Yu 404 laboratory. 1. Background overview: ActiveMQ is open source message-driven middleware from the Apache Software Foundation. Jetty is an open source servlet container; for Java-based web content such as JSP and servlets it provides the running...

7.5 CVSS | 10 AI score | 0.98518 EPSS
Exploits 19

OSV
added 2017/02/06 5:59 p.m. | 1 views

DEBIAN-CVE-2016-9772

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...

5.3 CVSS | 6.7 AI score | 0.01685 EPSS
Exploits 0 | References 1

OSV
added 2017/02/06 5:59 p.m. | 10 views

UBUNTU-CVE-2016-9772

OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses...

5.3 CVSS | 6.4 AI score | 0.01685 EPSS
Exploits 0 | References 4