17 matches found
WWBN AVideo 代码问题漏洞
WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained code vulnerabilities. These vulnerabilities stemmed from the downloadVideoFromDownloadURL function using the original file name and extension of the remote...
EUVD-2018-2971
Malware in sbrugna...
Arris VIP1113 安全漏洞
The Arris VIP1113 is a set-top box for high-definition IPTV services from Arris USA. A security vulnerability exists in the Arris VIP1113 version 2025-05-30 and earlier, which stems from the fact that remote file names with space characters in TFTP may lead to local file name control...
SUSE CVE-2009-3951
Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-482...
SUSE CVE-2018-10916
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...
NewStart CGSL CORE 5.05 / MAIN 5.05 : lftp Vulnerability (NS-SA-2020-0103)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...
NewStart CGSL CORE 5.04 / MAIN 5.04 : lftp Vulnerability (NS-SA-2020-0068)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...
Huawei EulerOS: Security Advisory for lftp (EulerOS-SA-2020-1756)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : lftp (EulerOS-SA-2020-1756)
According to the version of the lftp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of...
CentOS 7 : lftp (RHSA-2020:1045)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1045 advisory. - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...
Moderate: Red Hat Security Advisory: lftp security update
An update for lftp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
EulerOS 2.0 SP2 : lftp (EulerOS-SA-2019-2485)
According to the version of the lftp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the...
CVE-2018-10916
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...
ALPINE-CVE-2018-10916
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...
DEBIAN-CVE-2018-10916
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...
UBUNTU-CVE-2018-10916
It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...
CVE-2018-10916
It has been discovered that lftp does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker-controlled FTP server, resulting in the removal of all files...