
6 matches found

BDU FSTEC
added 2024/11/08 12:0 a.m. | 4 views

The vulnerability of the fs.mkdtemp() and fs.mkdtempSync() methods in the Node.js software platform allows a hacker to create arbitrary directories.

The vulnerability of the fs.mkdtemp and fs.mkdtempSync methods in the Node.js software platform is related to incorrect path name restrictions for restricted-access directories. Exploiting this vulnerability could allow an attacker to create arbitrary directories remotely...

CVSS 5.3 | AI score 6.7 | EPSS 0.01048
Exploits: 0 | References: 11 | Affected Software: 3
BDU FSTEC
added 2024/02/06 12:0 a.m. | 9 views

The vulnerability of the aiohttp HTTP client, related to incorrect path name restrictions for restricted access directories, allows attackers to gain unauthorized access to protected information.

The vulnerability of the aiohttp HTTP client is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVSS 7.8 | AI score 6.6 | EPSS 0.76875
Exploits: 15 | References: 6 | Affected Software: 3
BDU FSTEC
added 2023/03/28 12:0 a.m. | 7 views

The vulnerability of the distributed Git version control system, related to the improper restriction on the path name of the restricted-access directory, allows an attacker to overwrite any files in the system.

The vulnerability of the distributed Git version control system relates to the handling of input data: a path outside the working tree may be overwritten by a user who runs “git apply”. Exploiting this vulnerability allows an attacker to overwrite any files in the system at will...

CVSS 7.8 | AI score 6.8 | EPSS 0.01144
Exploits: 3 | References: 11 | Affected Software: 8
BDU FSTEC
added 2022/08/24 12:0 a.m. | 6 views

The vulnerability of the software for designing and configuring Connected Components Workbench controllers arises from incorrect restrictions on the path to the restricted-access directory. This allows attackers to escalate their privileges.

The vulnerability of the software for designing and configuring Connected Components Workbench controllers is related to incorrect path name restrictions for the restricted-access directory during file parsing. Exploiting this vulnerability can allow attackers to escalate their privileges...

CVSS 7.7 | AI score 7.6 | EPSS 0.02745
Exploits: 0 | References: 5 | Affected Software: 1
BDU FSTEC
added 2022/05/11 12:0 a.m. | 8 views

The vulnerability in the implementation of the unTar() function for the distributed development and execution platform of Apache Hadoop allows a hacker to write arbitrary files.

The vulnerability of the unTar function implementation in the distributed development and execution platform for Apache Hadoop is related to deficiencies in checking the path name of the restricted-access directory. Exploiting this vulnerability could allow an attacker to write arbitrary files...

CVSS 10 | AI score 8 | EPSS 0.04292
Exploits: 1 | References: 7 | Affected Software: 1
BDU FSTEC
added 2019/11/25 12:0 a.m. | 3 views

The vulnerability of the RubyGems package management system’s installation mechanism allows a hacker to write any files into the device’s file system.

The vulnerability of the RubyGems package management system is related to errors in restricting the path name of the restricted directory. Exploiting this vulnerability could allow an attacker to write any files into the device’s file system...

CVSS 5.5 | AI score 6.8 | EPSS 0.02876
Exploits: 0 | References: 13 | Affected Software: 5