PT-2026-40027

Name of the Vulnerable Software and Affected Versions dovecot versions prior to 2.4.4-1.1 Description An attacker can upload a malicious Sieve script via the 'ManageSieve' service or local access to bypass configured CPU time limits for Sieve by up to 130 times the limit. This can lead to degrade...

CVE-2024-28826

Improper restriction of local upload and download paths in checksftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 EOL allows attackers with sufficient permissions to configure the check to read and write local files on the Checkmk site server...

CVE-2024-28826

Summary: CVE-2024-28826 affects Checkmk installations prior to 2.3.0p4, 2.2.0p27, 2.1.0p44, and 2.0.0 (EOL). Root cause: Improper restriction of local upload/download paths in the check_sftp function. Impact: Attackers with sufficient permissions can configure the check to read and write local fi...

Checkmk 安全漏洞

Checkmk is an editor. A security vulnerability exists in Checkmk that stems from an improperly restricted path for local uploads and downloads in the function checksftp, which allows an attacker to read and write to local files on the Checkmk site server. Affected Products and Versions:Checkmk...

AMI AptioV Code Issue Vulnerability

AMI AptioV is a firmware from AMI. A security vulnerability exists in AMI AptioV that stems from a vulnerability contained in the BIOS, where a user may be able to locally upload a dangerous type of PNG Logo file, which could be exploited by an attacker to cause a loss of system confidentiality,...

fckeditor vulnerability,through the kill PHPMPS-vulnerability warning-the black bar safety net

Reproduced retain: evil decimal URL plus /include\fckeditor\editor\filemanager\connectors\test.html connectors select php. Upload the English name of the php or asp the horse was a shell, it is simple. Upload the horse is generally not renamed, the case of the eponymous horse, then change to the...