10 matches found
GHSA-555P-6GRF-MH7F Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`
Impact dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes - path separators /, , parent-directory components .., and other filename-hostile characters e.g. : were preserved verbatim and...
CVE-2026-5758
A flaw was found in the protocol-buffers-schema JavaScript library. This vulnerability, known as prototype pollution, allows an attacker to inject malicious properties into an object's core definition. This could enable an attacker to change how an application behaves, bypass security measures, o...
Risky Deserialization Calls - benryanconversion ( Office Connector Plugin)
The benryanconversion plugin contains a code path that eventually ends up with a partially user-controlled filename being treated as the input for a call to readObject see FileBackedCache.loadFile. To trigger this, an attacker would need to call the following, with a payload in the sheetName...
SUSE-SU-2024:1525-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 - Convert oscap output to UTF-8 -...
PT-2023-6760
Name of the Vulnerable Software and Affected Versions sudo-rs versions prior to 0.2.1 Description The issue is related to the handling of usernames in sudo-rs, a memory-safe implementation of sudo and su. Usernames containing the . and / characters can result in the corruption of specific files o...
CVE-2022-22988
File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through the files and directories. This can only be exploited once an attacker has already found a way to...
Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRF
The plugin does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow attackers to make a logged in admin delete arbitrary text files on the web server. PoC On Web Servers other than Windows, the...
SUSE-SU-2018:3625-1 Security update for accountsservice
This update for accountsservice fixes the following issues: This security issue was fixed: - CVE-2018-14036: Prevent directory traversal caused by an insufficient path check in userchangeiconfileauthorizedcb bsc1099699 Thsese non-security issues were fixed: - Don't abort loading users when an...
Raptor WAF v0.5 - Web Application Firewall using DFA
Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. to run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor" use full path "bin/raptor" look detail...
yum-utils security update
1.1.31-46.0.1 - needs-restarting not checking kernel-uek for reboot message Orabug 27189714 - add bug27596617.patch to remove upstream URL reference 1.1.31-46 - reposync: prevent path traversal. - Resolves: bug1600617...