15 matches found
SUSE-SU-2026:21628-1 Security update for helm
This update for helm fixes the following issues Security issues: - CVE-2025-55199: crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart bsc1261938. Non security...
EUVD-2022-0753
Malicious code in bioql PyPI...
CVE-2022-28113
An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie...
Unrestricted file upload
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...
CVE-2023-48031
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...
CVE-2023-48031
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute...
Vagrant Security Vulnerabilities
Vagrant is a command line utility for managing the lifecycle of virtual machines. Isolates dependencies and their configurations in a single disposable and consistent environment. A security vulnerability exists in HashiCorp Vagrant versions prior to 2.4.0 that stems from the presence of...
ASUS RT-AC68U 安全漏洞
ASUS RT-AC68U is a router from Asus China. A security vulnerability exists in ASUS RT-AC68U router firmware versions prior to 3.0.0.4.386.41634, which stems from incorrect access control. An attacker can exploit the vulnerability to write arbitrary files to perform COPY and MOVE operations...
CVE-2022-20955
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the...
CVE-2022-30333
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract aka unpack operation, as demonstrated by creating a /.ssh/authorizedkeys file. NOTE: WinRAR and Android RAR are unaffected...
Samsung Flow 安全漏洞
Samsung flow is an application for Samsung Samsung mobile devices, a software used to connect Samsung to Win10-based computers for a seamless, secure, and connected experience.An access control error vulnerability exists in versions prior to Samsung Flow 4.8.06.5, which stems from a lack of prope...
SUSE SLES15 Security Update : buildah (SUSE-SU-2022:0770-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0770-1 advisory. - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and...
CVE-2020-2076
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write fil...
cPanel Input Validation Error Vulnerability (CNVD-2019-26371)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in versions of cPanel prior to 78.0.2. The vulnerability stems from a web-based...
PT-2006-4865 · Php +1 · Php +1
Name of the Vulnerable Software and Affected Versions: PHP versions 4.4.3 and earlier PHP versions 5.1.4 and earlier Description: The issue allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping. This can trigger a buffer...