58 matches found
CVE-2022-39002
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice...
CVE-2022-39002
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice...
CVE-2022-39002
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice...
Double free
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice...
CVE-2022-39002
CVE-2022-39002 describes a double free in the storage module, causing memory to be freed twice. NVD assigns CVSS 3.1 base 9.8 (CRITICAL, NETWORK/LOW complexity, no user interaction). Connected sources corroborate a storage-module double-free vulnerability; one document lists affected Huawei EMUI ...
PT-2022-24659 · Huawei · Emui +2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a double free vulnerability in the storage module. This means that memory is freed twice, which can lead to unexpected behavior...
CVE-2021-40020
CVE-2021-40020 describes an Out-of-bounds array read in the smartphone security storage module, affecting Huawei smartphone devices. The underlying cause is an out-of-bounds read in the secure storage component, with potential impact on service confidentiality. Multiple sources reiterate the same...
CVE-2021-43800
Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special...
CVE-2021-43800
Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special...
Directory traversal
Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special...
CVE-2021-43800 Asset directory traversal with some storage modules on Windows
Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special...
Wiki.js 路径遍历漏洞
Wiki.js is Requarks.io team of a set of Node.js-based and written in JavaScript language open source Wiki software . A path traversal vulnerability exists in Wiki.js before 2.5.254, which allows directory traversal outside of the Wiki.js context when a storage module with local asset cache fetchi...
CVE-2020-15236
In Wiki.js before version 2.5.151, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is...
Directory traversal
In Wiki.js before version 2.5.151, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is...
CVE-2020-15236
CVE-2020-15236 affects Wiki.js prior to 2.5.151, enabling directory traversal when a storage module with local asset cache (e.g., Local File System or Git) is active and URL traversal isn’t blocked. The issue allowed reading arbitrary filesystem files via crafted URLs. The fix (commit 084dcd69d15...
CVE-2020-15236 Directory Traversal in Wiki.js
In Wiki.js before version 2.5.151, directory traversal outside of Wiki.js context is possible when a storage module with local asset cache fetching is enabled. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is...
Drupal Storage API Module Access Bypass Vulnerability
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community.Storage API is one of the framework modules for managing file storage and serving. An access bypass vulnerability exists in the Drupal Storage API module. An attacker can exploit this...
DEBIAN-CVE-2013-5942
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...