12 matches found

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-1255

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6, EPSS 0.01525
Exploits 0, References 15

BDU FSTEC
added 2025/04/16 12:0 a.m., 6 views

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments for electrical networks allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Data Manager component of Siemens SENTRON 7KT PAC1260 multi-functional measurement instruments is related to an incorrect restriction of a path name to a restricted directory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

CVSS 8.6, AI score 5.9, EPSS 0.00545
Exploits 0, References 2

BDU FSTEC
added 2024/02/20 12:0 a.m., 6 views

The vulnerability of the firmware used in Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC controllers allows attackers to disclose protected information or execute arbitrary files.

The vulnerability of the firmware used in Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC exists due to an incorrect limitation of a path name to a restricted directory. Exploiting this vulnerability could allow a malicious actor to disclose sensitive...

CVSS 5.3, AI score 7, EPSS 0.0057
Exploits 0, References 4

Tenable Nessus
added 2023/02/14 12:0 a.m., 38 views

SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0326-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container inspect commands...

CVSS 7.5, AI score 6.5, EPSS 0.02067
Exploits 3, References 20

Tenable Nessus
added 2022/12/21 12:0 a.m., 36 views

SUSE SLES15 / openSUSE 15 Security Update : cni (SUSE-SU-2022:4592-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4592-1 advisory. - CVE-2021-20206: Fixed arbitrary path injection via type field in CNI configuration bsc1181961. Tenable has extracted the...

CVSS 7.2, AI score 6.8, EPSS 0.01525
Exploits 0, References 4

Tenable Nessus
added 2022/10/20 12:0 a.m., 69 views

SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2022:3655-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3655-1 advisory. Buildah was updated to version 1.27.1: - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to...

CVSS 9.3, AI score 7, EPSS 0.02582
Exploits 2, References 10

BDU FSTEC
added 2022/04/27 12:0 a.m., 5 views

The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the C-Bus Toolkit software exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the file loading process...

CVSS 9, AI score 8, EPSS 0.40582
Exploits 0, References 4, Affected Software 1

NVD
added 2021/03/26 10:15 p.m., 12 views

CVE-2021-20206

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

CVSS 7.2, EPSS 0.01525
Exploits 0, References 2

Prion
added 2021/03/26 10:15 p.m., 21 views

Design/Logic Flaw

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

CVSS 6.5, AI score 6.8, EPSS 0.01525
Exploits 0, References 2, Affected Software 1

Debian CVE
added 2021/03/26 9:34 p.m., 27 views

CVE-2021-20206

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

CVSS 7.2, AI score 6.5, EPSS 0.01525
Exploits 0

RedhatCVE
added 2021/02/05 6:22 a.m., 32 views

CVE-2021-20206

An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the type field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an...

CVSS 7.2, AI score 4, EPSS 0.01525
Exploits 0, References 3

OSV
added 2014/03/15 4:24 p.m., 5 views

MGASA-2014-0129 Updated udisks and udisks2 packages fixes security vulnerability

A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon (root) (CVE-2014-0004)...

CVSS 6.9, AI score 6.7, EPSS 0.0043
Exploits 1, References 3