ROS-20260608-73-0014

The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

The vulnerability of Nokia’s Single Radio Access Network management platform lies in the improper limitation of the path name to the restricted access catalog. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Nokia Single RAN network management platform lies in the improper limitation of the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the FUN_0040fffc function in the microprogramming software for ZyXEL AMG1302-T10B allows a hacker to write arbitrary files.

The vulnerability of the FUN0040fffc function in the microprogramming software for ZyXEL AMG1302-T10B is related to an incorrect limitation on the path name when processing the SESSIONID parameter. Exploiting this vulnerability allows a remote attacker to write arbitrary files by sending speciall...

The vulnerability of the gp_open_scratch_file_impl() function in the files base/gp_mswin.c and base/winrtsup.cpp of the Ghostscript processing, conversion, and generation software suite allows a malicious actor to read arbitrary files.

The vulnerability of the gpopenscratchfileimpl function in the base/gpmswin.c and base/winrtsup.cpp files of the Ghostscript processing, conversion, and generation software suite is related to an incorrect path name limitation. Exploiting this vulnerability could allow a remote attacker to read...

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the incorrect limitation of the path name in the restricted access catalog, allowing attackers to read and write arbitrary files.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to an incorrect limitation on the name of the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...

The vulnerability of the DevTools set of tools for web development in Google Chrome allows a hacker to bypass security restrictions.

The vulnerability of the DevTools set of tools for web development in the Google Chrome browser is related to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions remotely...

The vulnerability of the Rockwell Automation Pavilion8 platform’s simulation, control, and optimization functions arises from an improper limitation on the path name to the restricted access catalog. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

The vulnerability of the threat detection mechanism for Microsoft Defender for IoT involves an incorrect path name limitation, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Defender for IoT’s threat detection mechanism is related to an incorrect path name limitation when loading tar-format files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the pgAdmin 4 database management tool arises from an incorrect path name limitation for the restricted access directory, allowing a hacker to execute arbitrary code.

The vulnerability of the pgAdmin 4 database management tool exists due to an incorrect limitation on the path name for the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the software for X-Rite’s MAT 6 Kohinoor integrated spectrophotometers arises from an incorrect limitation on the path name to the restricted access catalog. This allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The software vulnerability of the X-Rite MAT 6 Kohinoor spectrometer exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protecte...

The vulnerability of the samba networking interaction software library smbd, which allows a hacker to trigger a service failure.

The vulnerability of the samba networking software library smbd is related to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the software for controlling protection devices and monitoring power systems, SEL-5036 acSELerator Bay Screen Builder, is related to deficiencies in path name limitation. This allows attackers to access confidential information.

The vulnerability of the software for controlling protection devices and monitoring power systems, SEL-5036 acSELerator Bay Screen Builder, is related to deficiencies in path name limitation. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...

The vulnerability of the WEB_DisplayPage() function in D-Link’s wireless access points DAP-2020 and DAP-1360 allows a intruder to gain unauthorized access to protected information.

The vulnerability of the WEBDisplayPage function in D-Link’s wireless access points DAP-2020 and DAP-1360 is related to an incorrect limitation on the path name to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected...

The vulnerability of Advantech R-SeeNet router microprogramming software arises due to an incorrect limitation on the path name to the restricted access catalog. This allows a hacker to delete any arbitrary files.

The vulnerability of Advantech R-SeeNet router microprogramming software exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to delete arbitrary files remotely...

The vulnerability of the C-Bus Toolkit software lies in the improper limitation of the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the C-Bus Toolkit software is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability could allow a attacker to execute arbitrary code using a specially created malware file or a specially created malicious web pag...

The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a malicious individual to read or write arbitrary files within the system.

The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to remotely read or write arbitrary files in the system by sending a specially crafted HTTP reques...

The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Xen Management Tool DoS (XSA-323)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a denial of service vulnerability due to a bad path name limit in oxenstored. A malicious guest administrator can exploit this, by creating paths in the guest's own namespace that are too...

The vulnerability of the command-line interface (CLI) of the programmatically defined Cisco SD-WAN network allows a attacker to trigger a service failure.

The vulnerability of the command-line interface CLI of the programmatically defined Cisco SD-WAN network is related to an incorrect path name limitation for the directory. Exploiting this vulnerability could allow a attacker to cause service failures...

The vulnerability in the web-based management interface of Cisco SD-WAN allows a malicious actor to gain unauthorized access to protected information.

The vulnerability in the Cisco SD-WAN programmatically-defined network management web interface is related to an incorrect path name limitation for accessing the directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...