4 matches found
Axis Communications AXIS OS Improper Neutralization of Wildcards or Matching Symbols (CVE-2024-0054)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX APIs locallist.cgi, createoverlay.cgi and irissetup.cgi were vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for this flaw. This plugin only works with...
SUSE CVE-2022-49768
In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...
UBUNTU-CVE-2022-49768
In the Linux kernel, the following vulnerability has been resolved: 9p: transfd/p9conncancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier...
Directory traversal
Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain an issue in the path parameter of the list and download module which allows attackers to perform a directory traversal via a change to the path variable to request the local list command...