7 matches found
CVE-2026-34733 AVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI Guard
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the AVideo installation script install/deleteSystemdPrivate.php contains a PHP operator precedence bug in its CLI-only access guard. The script is intended to run exclusively from the command line, but the guard condition...
Linux Distros Unpatched Vulnerability : CVE-2021-29429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by...
Linux Distros Unpatched Vulnerability : CVE-2022-24823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains a...
CVE-2023-38523
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder...
OESA-2023-1411 guava20 security update
Guava is a set of core libraries that includes new collection types ,immutable collections, a graph library, and utilities for concurrency, I/O, hashing, primitives, strings, and more. Security Fixes: Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google...
GHSA-5MCR-GQ6C-3HQ2 Local Information Disclosure Vulnerability in Netty on Unix-Like systems
Impact When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. The CVSSv3.1 score of this vulnerability is calculated to be a 6.2/10 Vulnerability Details On unix-like systems, th...
cf40.txt
Ok, I've had CF 4.0 eval for approx. 1 hour now, and here's over a half dozen more reasons to not use sample pages: http://server/cfdocs/exampleapp/docs/sourcewindow.cfm?Template= --shows you contents of any file you want http://server/cfdocs/snippets/evaluate.cfm --if the expression evaluator ha...