Lucene search
K

37 matches found

Positive Technologies
Positive Technologies
added 2023/09/04 12:0 a.m.5 views

PT-2023-30464 · Yonyou · Yongyou Ufida-Nc

Name of the Vulnerable Software and Affected Versions: Yongyou UFIDA-NC versions up to 20230807 Description: A critical issue has been found in the processing of the file PrintTemplateFileServlet.java, where the manipulation of the filePath argument leads to path traversal. This issue can be...

7.5CVSS6.9AI score0.00765EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/07/28 12:0 a.m.9 views

PT-2023-26740 · FFmpeg · Ffmpeg

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 0.7.0 and below Description: A code injection issue was discovered in the net.bramp.ffmpeg.FFmpeg. component. This issue is exploited by passing an unchecked argument. However, it's noted that there are no realistic use cases...

9.8CVSS7.3AI score0.00781EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/07/12 12:0 a.m.5 views

PT-2023-25572

Name of the Vulnerable Software and Affected Versions Boss Mini version 1.4.0 Build 6221 Description A critical issue affects an unknown part of the file boss/servlet/document, where the manipulation of the path argument leads to file inclusion. This can be initiated remotely. Recommendations For...

9.8CVSS6.9AI score0.75206EPSS
Exploits6References7
Vulnrichment
Vulnrichment
added 2023/02/21 12:0 a.m.7 views

CVE-2023-26265

The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borgpreprocesspage in the file template.php does not properly sanitize incoming path arguments before using them...

5.2AI score0.00578EPSS
Exploits0References2
OSV
OSV
added 2022/01/14 7:15 a.m.13 views

UBUNTU-CVE-2022-23218

The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or if an application is not...

9.8CVSS7.3AI score0.04729EPSS
Exploits1References4
OSV
OSV
added 2022/01/07 12:21 a.m.14 views

GHSA-3269-X4PW-VFFG OS Command Injection in diskusage-ng

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

9.8CVSS9.7AI score0.03857EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/01/07 12:21 a.m.56 views

OS Command Injection in diskusage-ng

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

9.8CVSS9.3AI score0.03857EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2021/11/26 12:0 a.m.3 views

ARK library 输入验证错误漏洞

Bandisoft ARK library is a library from Bandisoft Korea that decompresses most of the existing compression formats such as ZIP, RAR, ALZ, EGG, etc. in various OS environments such as Windows, macOS, Linux, etc. and creates compressed files in ZIP/7Z format. A security vulnerability exists in the...

8.8CVSS8.4AI score0.00633EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/10/26 1:15 p.m.48 views

CVE-2011-2195

A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying operating system...

9.8CVSS7.2AI score0.02579EPSS
Exploits1References4
OSV
OSV
added 2020/04/06 1:15 p.m.3 views

CVE-2020-7631

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

9.8CVSS7.5AI score0.03857EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/04/06 12:18 p.m.14 views

CVE-2020-7631

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

9.8AI score0.03857EPSS
Exploits1References2
OSV
OSV
added 2018/10/24 9:29 p.m.2 views

DEBIAN-CVE-2016-10730

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing t...

7.8CVSS7.1AI score0.00558EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2014/10/06 11:0 p.m.36 views

CVE-2014-4043

The posixspawnfileactionsaddopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities...

7.5CVSS7.2AI score0.03922EPSS
Exploits3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Mozilla Firefox 2.0.0.2 Document.Cookie Path Argument Denial of Service Vulnerability

No description provided by source...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/08 12:0 a.m.46 views

Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service

source: https://www.securityfocus.com/bid/22879/info Mozilla Firefox is prone to a remote denial-of-service vulnerability. An attacker may exploit this vulnerability to cause Mozilla Firefox to crash, resulting in denial-of-service conditions. Little is known regarding this vulnerability; this BI...

7AI score
Exploits0
NVD
NVD
added 2006/09/27 1:7 a.m.18 views

CVE-2006-5006

Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument...

7.2CVSS7.3AI score0.00485EPSS
Exploits0References9
OSV
OSV
added 2003/04/02 5:0 a.m.2 views

DEBIAN-CVE-2003-0165

Format string vulnerability in Eye Of Gnome EOG allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display...

4.6CVSS8AI score0.01684EPSS
Exploits2References1
Rows per page
Query Builder