
8 matches found

GitHub Security Blog
added 2026/02/02 2:36 p.m. · 6 views

@backstage/plugin-techdocs-node vulnerable to possible Path Traversal in TechDocs Local Generator

Impact: A path traversal vulnerability in the TechDocs local generator allows attackers to read arbitrary files from the host filesystem when Backstage is configured with techdocs.generator.runIn: local. When processing documentation from untrusted sources, symlinks within the docs directory are...

CVSS 6.5 · AI score 5.5 · EPSS 0.00025
Exploits: 0 · References: 4 · Affected Software: 1
Positive Technologies
added 2024/01/08 12:0 a.m. · 1 view

PT-2024-2793 · Dell · Dell Unity

Name of the Vulnerable Software and Affected Versions: Dell Unity versions prior to 5.4. Description: The issue is related to a path traversal vulnerability in the svc supportassist utility of Dell Unity. An authenticated attacker could potentially exploit this vulnerability to gain unauthorized...

CVSS 6.8 · AI score 6.5 · EPSS 0.00279
Exploits: 0 · References: 8
Positive Technologies
added 2021/07/09 12:0 a.m. · 1 view

PT-2021-18609

Name of the Vulnerable Software and Affected Versions: Kaseya VSA Unified Remote Monitoring & Management (RMM) version 9.5.4.2149. Description: The issue allows an attacker to upload files with arbitrary content to any location the web server has write access to, including the webroot, due to an...

CVSS 10 · AI score 8.3 · EPSS 0.58628
Exploits: 1 · References: 7
Positive Technologies
added 2020/08/21 12:0 a.m. · 4 views

PT-2020-15741

Name of the Vulnerable Software and Affected Versions: voidtools Everything versions prior to 1.4.1 Beta Nightly 2020-08-18. Description: The issue allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. This is only relevant if low-privileged users can write to...

CVSS 7.8 · AI score 7.3 · EPSS 0.00134
Exploits: 1 · References: 5
Positive Technologies
added 2019/12/22 12:0 a.m. · 2 views

PT-2019-16009 · Exim +1 · Sa-Exim +1

Name of the Vulnerable Software and Affected Versions: sa-exim version 4.2.1. Description: The issue allows attackers to execute arbitrary code if they can write a .cf file or a rule. This occurs because Greylisting.pm relies on eval rather than direct parsing and/or use of the taint feature...

CVSS 9 · AI score 7.2 · EPSS 0.03064
Exploits: 0 · References: 20
Tenable Nessus
added 2012/04/18 12:0 a.m. · 51 views

RHEL 6 : kernel (RHSA-2012:0481)

The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0481 advisory. - kernel: sysctl: restrict write access to dmesg_restrict (CVE-2011-4080) - kernel: block: CLONE_IO io_context refcounting issues (CVE-2012-0879) -...

CVSS 7.8 · AI score 6.3 · EPSS 0.00107
Exploits: 4 · References: 13
CERT
added 2006/12/14 12:0 a.m. · 27 views

Microsoft Remote Installation Service Writable Path Vulnerability

Overview: A vulnerability in the way Microsoft Remote Installation Service handles TFTP may allow a remote, unauthorized attacker to create or overwrite arbitrary operating system files. Description: Microsoft Remote Installation Service contains a vulnerability in the way that it provides TFTP...

CVSS 7.5 · AI score 6.4 · EPSS 0.48067
Exploits: 0 · References: 2
CERT
added 2006/08/21 12:0 a.m. · 38 views

Xsan Filesystem fails to properly process path names

Overview: A buffer overflow vulnerability in Apple's Xsan product may allow a local attacker to run arbitrary code with root privileges or create a denial-of-service condition. Description: Xsan Filesystem. Xsan is a Storage Area Network (SAN) filesystem designed for use by Apple OS X and OS X Server...

CVSS 4.6 · AI score 7.3 · EPSS 0.00277
Exploits: 0 · References: 2