12 matches found
SUSE CVE-2026-32758
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler (http/resource.go). The destination path in resourcePatchHandler is...
CVE-2026-32761 File Browser has an Authorization Policy Bypass in its Public Share Download Flow
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges (perm.download = false) but granted share...
CVE-2026-28492 File Browser: Path Traversal in Public Share Links Exposes Files Outside Shared Directory
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses...
CVE-2021-22732
Improper Privilege Management vulnerability exists in homeLYnk Wiser For KNX and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server...
Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 Security Vulnerability
Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 are multifunctional power quality recorders from Siemens, Germany. A security vulnerability exists in Siemens POWER METER SICAM Q100 and Siemens POWER METER SICAM Q200 prior to version V2.62, which stems from the plaintext storage ...
SUSE CVE-2025-25204
gh is GitHub's official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool gh attestation verify causes it to return a zero exit status when no attestations are present. This behavior is incorrect:...
PT-2024-33667 · Zitadel +1 · Zitadel +1
Name of the Vulnerable Software and Affected Versions: Zitadel versions prior to 2.64.0; Zitadel versions prior to 2.63.5; Zitadel versions prior to 2.62.7; Zitadel versions prior to 2.61.4; Zitadel versions prior to 2.60.4; Zitadel versions prior to 2.59.5; Zitadel versions prior to 2.58.7. Description...
PT-2023-3769 · Siemens · Sicam Q200 +1
Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions prior to V2.60; Siemens SICAM Q200 (affected versions not specified). Description: A vulnerability has been identified where affected devices are missing cookie protection flags when using the default settings. Thi...
CVE-2022-40799
Data Integrity Failure in 'Backup Config' in D-Link DNR-322L = 2.60B15 allows an authenticated attacker to execute OS level commands on the device...
HPE Integrated Lights-Out 4 Injection Vulnerability
HPE Integrated Lights-Out 4 (iLO 4) is a remote control solution from Hewlett Packard Enterprise (HPE). The solution enables remote monitoring and operation of IT assets such as servers. HPE Integrated Lights-Out 4 suffers from an injection vulnerability that stems from a potential remote host header...
CVE-2021-22736
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in homeLYnk Wiser For KNX and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded...
HPE Integrated Lights Out (iLO) Override Vulnerability
HPE Integrated Lights-Out 4 (iLO 4) and Integrated Lights-Out 5 (iLO 5) are both embedded server management technologies from Hewlett Packard Enterprise (HPE) that use an integrated remote management port to monitor and maintain the server operation, remote control of the server, and more through an...