75 matches found
CVE-2024-38538
In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes. syzbot triggered an uninit value error in bridge device's xmit path by sending a short (less than ETH_HLEN bytes) skb. To fix it check if we can actually pull that...
The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Hyper-V hardware virtualization system in Windows operating systems is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2024-3612 · Microsoft · Windows Hyper-V +1
Name of the Vulnerable Software and Affected Versions: Windows Hyper-V (affected versions not specified). Description: The issue is related to errors in handling relative path to directory in the Windows Hyper-V hardware virtualization system, which can be exploited by a remote attacker to execute...
Siemens RUGGEDCOM ROX Improper Neutralization of Input During Web Page Generation (CVE-2023-36389)
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.16.0, RUGGEDCOM ROX MX5000RE All versions V2.16.0, RUGGEDCOM ROX RX1400 All versions V2.16.0, RUGGEDCOM ROX RX1500 All versions V2.16.0, RUGGEDCOM ROX RX1501 All versions V2.16.0, RUGGEDCOM ROX RX1510 All versions V2.16.0...
The vulnerability of Keysight N6854A geolocation server microprogramming software, related to errors in processing the relative path to the catalog, allows an intruder to execute arbitrary code.
The vulnerability of Keysight N6854A geolocation server microprogramming software is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
The vulnerability of the UPSMON Pro monitoring system, related to errors in processing the relative path to the restricted-access catalog, allows a perpetrator to bypass security restrictions and gain unauthorized access to protected information.
The vulnerability of the UPSMON Pro monitoring system is related to errors in processing the relative path to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions and gain unauthorized access to protected information...
The vulnerability of the Virtual Domains (VDOM) virtualization technology in operating systems FortiOS and proxy servers for protecting against Internet attacks by FortiProxy allows attackers to increase their privileges.
The vulnerability of the Virtual Domains VDOM virtualization technology in operating systems FortiOS and proxy servers for protecting against Internet attacks via FortiProxy is related to errors in processing relative path operations to directories. Exploiting this vulnerability can allow attacke...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 5.17, which stems from a path error...
SUSE CVE-2008-4863
Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function...
The vulnerability in the implementation of the UserFirmwareRequestHandler class in the microprogramming software for sensors for monitoring the Keysight N6841A, as well as the microprogramming software for geolocation servers from Keysight, N6854A, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the UserFirmwareRequestHandler class implementation in the microprogramming software for sensors monitoring the Keysight N6841A spectrum, as well as the microprogramming software for geolocation servers from Keysight, the N6854A, is related to errors in processing the relativ...
The management interface of the Fortinet FortiDeceptor is vulnerable, allowing attackers to gain read, modify, or delete access to data. This vulnerability enables attackers to manipulate security measures in response to external and internal security threats.
The vulnerability of the management interface for detecting and responding to external and internal security threats in Fortinet’s FortiDeceptor involves errors in processing the relative path to the catalog. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain read...
Failed to install VDA due to "Installation of the Citrix AppExperience failed with error code 1612"
Failed to install VDA due to "Installation of the Citrix AppExperience failed with error code 1612" MSI path: C:\WINDOWS\TEMP\Ctx-5CC1B7DD-10C1-4B5B-A4B3-EA564BA32118\Extract\Image-Full\x64\Virtual Desktop Components\WS\IcaAppExpx64.msi...
curl: error parse uri path in curl
Summary: add summary of the vulnerability The uri path error could lead to security filter bypasses. For example, we can use curl -vv 'fh-jle:///etc/passwd' to bypass file protocol black list we can use curl -vv 'http://1.1.1.1:80-9000' to scan the open port in the host etc ... Steps To Reproduce...
The vulnerability of D-Link DAP-1620 wireless repeaters’ microprogramming software, related to errors in processing the relative path to the catalog, allows an intruder to gain unauthorized access to protected information.
The vulnerability of the microprogrammed software in D-Link DAP-1620 wireless repeaters is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information through the /etc/passwd and...
The vulnerability of the daemon and the set of tools for managing virtualization via libvirt, which is related to pointer dereferencing errors, allows a perpetrator to trigger a service failure.
The vulnerability of the daemon and the set of tools for managing virtualization via Libvirt is related to an error in the storage pool selection based on its target path. Exploiting this vulnerability allows a remote attacker to trigger a service failure...
CVE-2020-14104
A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50...
CVE-2020-14104
CVE-2020-14104 concerns a race condition in the XQBACKUP component of the Xiaomi router AX3600 running ROM 1.0.50, causing a decompression path error. The issue is documented across multiple sources as affecting the AX3600 with ROM 1.0.50, and it originates from a race condition in XQBACKUP. The ...
Xiaomi Xiaomi router AX3600 race condition vulnerability
Xiaomi router AX3600 is a router from China-based Xiaomi. A security vulnerability exists in the Xiaomi router AX3600 ROM version 1.0.50, which originates from a decompression path error...
CVE-2019-13407
An XSS was found in Advan VD-1 firmware versions up to 230. VD-1 responds with a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message is not escaped properly...
The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection, related to errors in processing the relative path to the directory, allows a hacker to execute arbitrary code.
The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection lies in errors in processing the relative path to the catalog during the export of repository content into an archive. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the server by...