Total
169 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32761 | 1 Wwbn | 1 Avideo | 2024-09-16 | 6.5 Medium |
| An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-34765 | 1 Schneider-electric | 4 Opc Ua Module For M580, Opc Ua Module For M580 Firmware, X80 Advanced Rtu Module and 1 more | 2024-09-16 | 5.5 Medium |
| A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | ||||
| CVE-2020-2009 | 1 Paloaltonetworks | 1 Pan-os | 2024-09-16 | 7.2 High |
| An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | ||||
| CVE-2020-2008 | 1 Paloaltonetworks | 1 Pan-os | 2024-09-16 | 7.2 High |
| An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14. | ||||
| CVE-2023-38546 | 2 Haxx, Redhat | 6 Libcurl, Enterprise Linux, Jboss Core Services and 3 more | 2024-09-13 | 3.7 Low |
| This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a function call that duplicates en easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated, the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk, the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters, no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program using libcurl. And if using the correct file format of course. | ||||
| CVE-2023-43074 | 1 Dell | 3 Unity Operating Environment, Unity Xt Operating Environment, Unityvsa Operating Environment | 2024-09-11 | 5.2 Medium |
| Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server. | ||||
| CVE-2023-2152 | 1 Oretnom23 | 1 Student Study Center Desk Management System | 2024-09-07 | 5.3 Medium |
| A vulnerability has been found in SourceCodester Student Study Center Desk Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226273 was assigned to this vulnerability. | ||||
| CVE-2024-0849 | 1 Leanote | 1 Desktop | 2024-09-05 | 5.5 Medium |
| Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR. | ||||
| CVE-2023-46851 | 1 Apache | 1 Allura | 2024-09-04 | 4.9 Medium |
| Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution. This issue affects Apache Allura from 1.0.1 through 1.15.0. Users are recommended to upgrade to version 1.16.0, which fixes the issue. If you are unable to upgrade, set "disable_entry_points.allura.importers = forge-tracker, forge-discussion" in your .ini config file. | ||||
| CVE-2024-7744 | 1 Progress | 1 Ws Ftp Server | 2024-09-04 | 6.5 Medium |
| In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Web Transfer Module allows File Discovery, Probe System Files, User-Controlled Filename, Path Traversal. An authenticated file download flaw has been identified where a user can craft an API call that allows them to download a file from an arbitrary folder on the drive where that user host's root folder is located (by default this is C:) | ||||
| CVE-2024-25117 | 2024-08-28 | 6.8 Medium | ||
| php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue. | ||||
| CVE-2024-33671 | 2024-08-27 | 7.7 High | ||
| An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file deletion on protected files. | ||||
| CVE-2024-31492 | 2024-08-22 | 7.8 High | ||
| An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3 and below, version 7.0.10 and below installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process. | ||||
| CVE-2024-39303 | 1 Weblate | 1 Weblate | 2024-08-21 | 4.4 Medium |
| Weblate is a web based localization tool. Prior to version 5.6.2, Weblate didn't correctly validate filenames when restoring project backup. It may be possible to gain unauthorized access to files on the server using a crafted ZIP file. This issue has been addressed in Weblate 5.6.2. As a workaround, do not allow untrusted users to create projects. | ||||
| CVE-2024-7911 | 2 Oretnom23, Sourcecodester | 2 Simple Online Bidding System, Simple Online Bidding System | 2024-08-19 | 6.3 Medium |
| A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /simple-online-bidding-system/bidding/index.php. The manipulation of the argument page leads to file inclusion. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-7497 | 2 Angeljudesuarez, Itsourcecode | 2 Airline Reservation System, Airline Reservation System | 2024-08-19 | 6.3 Medium |
| A vulnerability was found in itsourcecode Airline Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273623. | ||||
| CVE-2024-7496 | 2 Angeljudesuarez, Itsourcecode | 2 Airline Reservation System, Airline Reservation System | 2024-08-19 | 6.3 Medium |
| A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273622 is the identifier assigned to this vulnerability. | ||||
| CVE-2009-3625 | 1 Sahana | 1 Sahana | 2024-08-07 | N/A |
| Directory traversal vulnerability in www/index.php in Sahana 0.6.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. | ||||
| CVE-2010-1511 | 1 Kde | 2 Kde Sc, Kget | 2024-08-07 | N/A |
| KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file. | ||||
| CVE-2010-1000 | 1 Kde | 1 Kde Sc | 2024-08-07 | N/A |
| Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. | ||||