Lucene search
K

28 matches found

NVD
NVD
added 2026/01/09 8:15 a.m.6 views

CVE-2025-69194

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

9.8CVSS0.00707EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2010-1024

Malware in sbrugna...

7.1CVSS6.3AI score0.01732EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-1539

Malware in sbrugna...

4.3CVSS6AI score0.03159EPSS
Exploits0References23
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.4 views

SUSE CVE-2010-1000

Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

5.8CVSS7.1AI score0.03849EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.3 views

SUSE CVE-2010-1512

Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

4.3CVSS7.1AI score0.03159EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2012/02/24 12:0 a.m.34 views

Orbit Downloader URL Unicode Conversion Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Orbit Downloader...

10CVSS6.5AI score0.6749EPSS
Exploits10
Exploit DB
Exploit DB
added 2012/02/23 12:0 a.m.34 views

Orbit Downloader - URL Unicode Conversion Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Orbit Downloader...

10CVSS7AI score0.6749EPSS
Exploits10
Metasploit
Metasploit
added 2012/02/21 9:36 p.m.38 views

Orbit Downloader URL Unicode Conversion Overflow

This module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting a URL ascii string to unicode in an insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit...

10CVSS0.7AI score0.6749EPSS
Exploits10
Cvelist
Cvelist
added 2011/04/27 12:0 a.m.33 views

CVE-2011-1586

Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. dot dot in the name attribute of a file element in a metalink file. NOTE: this...

9.5AI score0.03119EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2011/04/21 4:53 p.m.5 views

kdenetwork: incomplete fix for CVE-2010-1000

Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. dot dot in the name attribute of a file element in a metalink file. NOTE: this...

5.8CVSS5.9AI score0.03849EPSS
Exploits0References4
NVD
NVD
added 2010/05/27 10:30 p.m.8 views

CVE-2010-2104

Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 allows user-assisted remote attackers to write arbitrary files via a metalink file containing directory traversal sequences in the name attribute of a file element...

4.3CVSS6.7AI score0.02956EPSS
Exploits0References3
Cvelist
Cvelist
added 2010/05/27 10:0 p.m.17 views

CVE-2010-2104

Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 allows user-assisted remote attackers to write arbitrary files via a metalink file containing directory traversal sequences in the name attribute of a file element...

6.7AI score0.02956EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/05/19 12:0 a.m.31 views

Mandriva Linux Security Advisory : kdenetwork4 (MDVSA-2010:098)

Multiple vulnerabilities has been discovered and fixed in kget kdenetwork4 : Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

6.4CVSS5.7AI score0.03849EPSS
Exploits0References3
OSV
OSV
added 2010/05/17 9:0 p.m.0 views

DEBIAN-CVE-2010-1512

Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

4.3CVSS7.1AI score0.03159EPSS
Exploits0References1
NVD
NVD
added 2010/05/17 9:0 p.m.13 views

CVE-2010-0999

Directory traversal vulnerability in Free Download Manager FDM before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

7.1CVSS6.6AI score0.01732EPSS
Exploits0References6
NVD
NVD
added 2010/05/17 9:0 p.m.8 views

CVE-2010-1512

Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

4.3CVSS6.5AI score0.03159EPSS
Exploits0References19
NVD
NVD
added 2010/05/17 9:0 p.m.17 views

CVE-2010-1511

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file...

6.4CVSS6.7AI score0.03323EPSS
Exploits0References16
NVD
NVD
added 2010/05/17 9:0 p.m.16 views

CVE-2010-1000

Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

5.8CVSS6.8AI score0.03849EPSS
Exploits0References21
Prion
Prion
added 2010/05/17 9:0 p.m.14 views

Directory traversal

Directory traversal vulnerability in Free Download Manager FDM before 3.0.852 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

7.1CVSS7.2AI score0.01732EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2010/05/17 9:0 p.m.9 views

Directory traversal

Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file...

4.3CVSS7AI score0.03159EPSS
Exploits0References19Affected Software1
Rows per page
Query Builder