28 matches found
AZL-77910 CVE-2026-1703 affecting package python-virtualenv 20.36.1-1
When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical situations...
SUSE CVE-2018-1000073
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
Windows installer (MSI) repair doesn't work when MSI package is installed on an HTTP share in Windows
Windows installer MSI repair doesn't work when MSI package is installed on an HTTP share in Windows This article describes an issue of Windows installer MSI repair that occurs after you install security update 2962490 in Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 7 Service Pack ...
rubygems: Path traversal when writing to a symlinked basedir outside of the root
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
rubygems: Path traversal when writing to a symlinked basedir outside of the root
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
rubygems: Path traversal when writing to a symlinked basedir outside of the root
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
FinalWire Ltd. AIDA64 Detection (Windows SMB Login)
Detects the installed version of FinalWire Ltd. AIDA64 for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ABB CP600 Runtime PC Detection (Windows SMB Login)
SMB login-based detection of ABB CP600 Runtime PC. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CODESYS OPC-Server Detection (Windows SMB Login)
Detects the installed version of CODESYS OPC-Server for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Omron CX-Programmer Detection (Windows SMB Login)
SMB login-based detection of Omron CX-Programmer. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
rubygems: Path traversal when writing to a symlinked basedir outside of the root
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
rubygems: Path traversal when writing to a symlinked basedir outside of the root
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
rubygems: Path traversal when writing to a symlinked basedir outside of the root
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
RubyGems Directory Traversal Vulnerability (CNVD-2018-07050)
RubyGems is a package manager for Ruby that provides a standard format for distributing Ruby programs and libraries called "gems", and is designed to make it easy to manage gem installations and the servers used to distribute them. A directory traversal vulnerability exists in the installlocation...
DEBIAN-CVE-2018-1000073
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
CVE-2018-1000073
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in installlocation function of package.rb that can result in...
HPE Sizer for Microsoft Skype for Business Server Detection (Windows SMB Login)
Detects the installed version of HPE Sizer for Microsoft Skype for Business Server. The script logs in via smb, searches for SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
ALLPlayer Detection (Windows SMB Login)
This script detects the installed version of ALLPlayer. The script logs in via smb, searches for ALLPlayer in the registry and gets the version from registry or file. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...
Microsoft SharePoint Designer Detection
Detects the installed version of Microsoft SharePoint Designer. The script logs in via smb, searches through the registry and gets the version and sets the KB. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
PHP Detection (Windows SMB Login)
SMB login and Powershell file search based detection of PHP. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...