5 matches found
DuckDB < 1.1.0 Unauthorized Filesystem Read (CVE-2024-41672)
The version of DuckDB installed on the remote host is affected by a vulnerability as referenced in the CVE-2024-41672 advisory. In versions 1.0.0 and prior, content in the filesystem is accessible for reading using 'sniff_csv', even with 'enable_external_access=false'. This vulnerability provides an...
PT-2023-26965 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server (affected versions not specified). Description: This issue allows remote attackers to create directories on affected installations, despite requiring authentication to exploit. The flaw exists within the handlin...
Linux Kernel 2.6.x - CIFS CHRoot Security Restriction Bypass
source: https://www.securityfocus.com/bid/17742/info The Linux Kernel is prone to a vulnerability that allows attackers to bypass a security restriction. This issue is due to a failure in the kernel to properly sanitize user-supplied...
PHP 4.x/5.x MySQL Library - Safe_mode Filesystem Circumvention (1)
source: https://www.securityfocus.com/bid/4026/info PHP's 'safe_mode' feature may be used to restrict access to certain areas of a filesystem by PHP scripts. However, a problem has been discovered that may allow an attacker to...
PHP 4.x/5.x MySQL Library - 'Safe_mode' Filesystem Circumvention (1)
source: https://www.securityfocus.com/bid/4026/info PHP's 'safe_mode' feature may be used to restrict access to certain areas of a filesystem by PHP scripts. However, a problem has been discovered that may allow an attacker to bypass these restrictions to gain unauthorized access to areas o...