4 matches found
CVE-2025-11913
CVE-2025-11913 affects Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The vulnerability is in the Download function of the file /Service.do?Action=Download, where manipulation of the Path argument leads to path traversal. It can be exploited remotely and the exploit has been disclosed public...
UBUNTU-CVE-2018-12475
A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...
CVE-2019-8982
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF...
DEBIAN-CVE-2006-2875
Stack-based buffer overflow in the CLParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svcdownload command with compressed data that triggers the overflow during expansion...