11 matches found
EUVD-2021-16408
Malware in sbrugna...
EUVD-2024-35878
Malicious code in bioql PyPI...
CVE-2024-36079
CVE-2024-36079 concerns Vaultize 21.07.27. The vulnerability arises because the upload flow does not validate the provided filename parameter, allowing a temporary file to be created outside the specified directory when the file is downloaded. An authenticated user could exploit this by uploading...
CVE-2024-36079
An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with ...
PT-2024-26887 · Vaultize · Vaultize
Name of the Vulnerable Software and Affected Versions: Vaultize version 21.07.27 Description: An issue was discovered in the software where there is no check that the filename parameter is correct when uploading files. As a result, a temporary file will be created outside the specified directory...
SUSE CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
DEBIAN-CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
[Full-Disclosure] WinHKI BH File Incorrect Filename Handeling Leads to 100 CPU%
Application: WinHKI Vendors: http://www.webtoolmaster.com Versions: 1.4d Platforms: Windows Bug: BH File Incorrect Filename Handeling Leads to 100 CPU Exploitation: Local extract file Date: 24 Dec 2004 Author: Rafel Ivgi, The-Insider E-Mail: [email protected] Website:...