Lucene search
K

216 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.8 views

The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.

The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...

7.8CVSS5.5AI score0.14944EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.6 views

The vulnerability of the server for the Continuous Integration and Delivery (CI/CD) system GoCD arises due to an incorrect path name limitation for the restricted access directory. This allows a malicious actor to execute arbitrary code.

The vulnerability of the CI/CD GoCD server exists due to an incorrect pathname limitation for the access-controlled directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

5.5CVSS5.9AI score0.00546EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.7 views

The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.

The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...

5.3CVSS5.5AI score0.00763EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.7 views

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

10CVSS8.1AI score0.03189EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.7 views

The vulnerability of the Ivanti EPM endpoint management software lies in the incorrect limitation of the path name in the catalog, allowing a malicious actor to execute remote code.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability allows a remote attacker to execute malicious code remotely...

9CVSS7.4AI score0.0275EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/18 12:0 a.m.9 views

Vulnerability of Veeam Backup & Replication virtual and physical systems, related to incorrect restrictions on path names to the restricted access catalog, allows attackers to increase their privileges (LPE).

The vulnerability in Veeam Backup & Replication and physical systems is related to incorrect restrictions on the path name to the restricted access catalog. Exploiting this vulnerability could allow an attacker to increase their privileges LPE...

7.8CVSS7.2AI score0.0029EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.8 views

The vulnerability of the IP Routing Management Snapin, a service for managing IP routing on Microsoft Windows operating systems, allows a hacker to execute arbitrary code.

The vulnerability of the IP Routing Management Snapin service for Microsoft Windows operating systems is related to incorrect path name restrictions in the restricted access directory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

9CVSS5.9AI score0.01703EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.7 views

The vulnerability of Ollama’s system for running and managing large language models lies in the improper restriction on the path name to the restricted-access catalog, which allows a violator to trigger a service failure.

The vulnerability of the Ollama system for running and managing large language models is related to an incorrect restriction on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...

7.8CVSS8.1AI score0.03938EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.7 views

The vulnerability of the File Explorer application (formerly Windows Explorer) of Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the File Explorer application formerly Windows Explorer in Microsoft Windows operating systems is related to incorrect path name restrictions for restricted access directories. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

7.1CVSS6.6AI score0.01569EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/12/10 12:0 a.m.9 views

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series lies in improper name restrictions for path entries to the catalog. This allows unauthorized access by attackers to resources and enables them to modify them.

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to incorrect restrictions on path names to the catalog. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

10CVSS5.5AI score0.00543EPSS
Exploits0References2Affected Software4
Redos
Redos
added 2024/12/03 12:0 a.m.20 views

ROS-20241203-20

Apache Ivy package manager vulnerability is related to incorrect path name restriction to a directory with a restricted directory. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to the file system Apache Ivy package manager vulnerability is...

9.1CVSS7.3AI score0.01819EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.10 views

The vulnerability of microprogrammed software in industrial routers of the SCALANCE M-800 family (including S615, MUM-800, and RM1224) arises from incorrect restrictions on path names in the limited-access catalog, allowing attackers to influence the integrity of the system.

The vulnerability of microprogrammed software in industrial routers of the SCALANCE M-800 family including S615, MUM-800, and RM1224 is related to incorrect restrictions on path names in the limited-access catalog. Exploiting this vulnerability can allow a malicious actor to influence the integri...

5CVSS7.4AI score0.00265EPSS
Exploits0References3Affected Software18
BDU FSTEC
BDU FSTEC
added 2024/11/20 12:0 a.m.9 views

The vulnerability of Palo Alto Networks’ operating system PAN-OS relates to incorrect path name restrictions for restricted access directories, allowing attackers to escalate their privileges.

The vulnerability of Palo Alto Networks’ operating system PAN-OS relates to incorrect restrictions on path names in restricted access directories. Exploiting this vulnerability can allow attackers to increase their privileges...

6.2CVSS6.8AI score0.00474EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.9 views

WordPress plugin Global Gateway e4 | Payeezy Gateway 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A path traversal vulnerability exists in the WordPress plug...

8.6CVSS8.2AI score0.00565EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.7 views

The vulnerability of the Ivanti Cloud Services Appliance’s network interface, related to incorrect path name restrictions for the restricted access catalog, allows attackers to escalate their privileges.

The vulnerability of the Ivanti Cloud Services Appliance relates to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS7.5AI score0.1565EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/16 12:0 a.m.6 views

The vulnerability of the allowPassThrough method implemented in the Ivanti Avalanche mobile device management system allows a hacker to circumvent existing security restrictions.

The vulnerability of the allowPassThrough method in the Ivanti Avalanche mobile device management system is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions...

7.5CVSS7.1AI score0.37965EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/02 12:0 a.m.6 views

The vulnerability of the Rockwell Automation Pavilion8 platform’s simulation, control, and optimization functions arises from an improper limitation on the path name to the restricted access catalog. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Rockwell Automation Pavilion8 platform for simulation, control, and optimization is related to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

10CVSS5.9AI score0.00956EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2024/09/27 12:0 a.m.19 views

ROS-20240927-06

A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...

8.8CVSS9.1AI score0.20472EPSS
Exploits0
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.7 views

Vidco VOC TESTER 路径遍历漏洞

Vidco VOC TESTER is a process management software from Vidco. A path traversal vulnerability exists in Vidco VOC TESTER versions prior to 12.34.8, which stems from an improper restriction on path names that allows path traversal...

9.2CVSS6.7AI score0.00524EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/08/12 12:0 a.m.7 views

The vulnerability of the Jenkins Automation Remoting server library allows for the execution of arbitrary code.

The vulnerability of the Jenkins Automation Remoting server library is related to deficiencies in path name restrictions for restricted access catalogs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading class and resource files from the controller via...

9CVSS7.4AI score0.28782EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder