5 matches found
SUSE CVE-2022-29804
Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack...
tftp.c in libslirp 4.1.0 as used in QEMU 4.2.0 does not prevent ..\ directory traversal on Windows.
...
Directory traversal
The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server...
The vulnerability of the Oracle Fusion Middleware software platform allows a malicious actor to execute arbitrary scripts outside of the application’s catalog.
A vulnerability in the Oracle Fusion Middleware software exists due to an error that occurs when processing a unified resource identifier called Request-URI. Exploiting this vulnerability allows a malicious individual to access arbitrary scripts outside of the application’s catalog, using...
The vulnerability of the Oracle Fusion Middleware software platform allows a malicious individual to execute arbitrary commands, disrupt the logic of the script, and obtain the original script code.
The vulnerability of the Oracle Containers platform’s J2EE component in Oracle Fusion Middleware software relates to an error that occurs due to improper handling of the zero byte during the transmission of a request to another static page or JSP script using functions like pageContext.forward or...