Kedro Code Issue Vulnerability
Kedro is an open-source production-ready data science toolkit developed by Kedro. Versions of Kedro prior to 1.3.0 contained code vulnerabilities. These vulnerabilities stemmed from unvalidated log configuration file paths set through environment variables, which could lead to remote code executi...
CVE-2022-33095
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist...
CVE-2020-10733
The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add fil...
EUVD-2013-1092
Malware in sbrugna...
EUVD-2012-4682
Malware in sbrugna...
EUVD-2005-3744
Malware in sbrugna...
EUVD-2012-4293
Malware in sbrugna...
EUVD-2002-2341
Malware in sbrugna...
EUVD-2013-1739
Malware in sbrugna...
EUVD-2015-4017
Malware in sbrugna...
EUVD-2014-9237
Malware in sbrugna...
EUVD-2021-23933
Malware in sbrugna...
EUVD-2006-4980
Malware in sbrugna...
CVE-2011-5158
Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DATEV Grundpaket Basis CD23.20 allow local users to gain privileges via a Trojan horse (1) DVBSKNLANG101.dll or (2) DvZediTermSrvInfo004.dll file in the current working directory, as demonstrat...
OpenStack Ironic fails to restrict paths used for file:// image URLs
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...
RLSA-2024:2396 Moderate: squashfs-tools security update
SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. Security Fixes: squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153); squashfs-tools: possible Directory Traversal via...
Ubuntu 18.04 LTS / 20.04 LTS : object-path vulnerabilities (USN-5967-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5967-1 advisory. It was discovered that the set method in object-path could be corrupted as a result of prototype pollution by sending a message to the parent...
CVE-2017-9247
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID 4657 allow local users to launch processes with elevated privileges...
CVE-2016-6167
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory...
Design/Logic Flaw
Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...