Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 9:44 p.m.7 views

CVE-2005-1847

Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...

7.5CVSS8AI score0.02081EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.4 views

SUSE CVE-2005-1847

Multiple buffer overflows in YaMT before 0.52 allow attackers to execute arbitrary code via the 1 rename or 2 sort options...

7.5CVSS8.2AI score0.02081EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:18 a.m.3 views

SUSE CVE-2005-1846

Multiple directory traversal vulnerabilities in YaMT before 0.52 allow attackers to overwrite arbitrary files via the 1 rename or 2 sort options...

5CVSS7.2AI score0.01236EPSS
Exploits1References3
OSV
OSV
added 2020/07/15 9:15 p.m.3 views

CVE-2020-15779

A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path...

7.5CVSS7.1AI score0.01581EPSS
Exploits1References4
OSV
OSV
added 2020/07/07 7:24 p.m.1 views

GHSA-9H4G-27M8-QJRG Path Traversal in socket.io-file

All versions of socket.io-file are vulnerable to Path Traversal. The package fails to sanitize user input and uses it to generate the file upload paths. The socket.io-file::createFile message contains a name option that is passed directly to path.join. It is possible to upload files to arbitrary...

7.5CVSS5.9AI score0.01581EPSS
Exploits1References5
Rows per page
Query Builder