Total
79 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22178 | 2024-04-03 | N/A | 4.9 MEDIUM | ||
| A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2024-21870 | 2024-04-03 | N/A | 4.9 MEDIUM | ||
| A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2024-1603 | 2024-03-25 | N/A | 8.2 HIGH | ||
| paddlepaddle/paddle 2.6.0 allows arbitrary file read via paddle.vision.ops.read_file. | |||||
| CVE-2024-23634 | 2024-03-20 | N/A | 6.0 MEDIUM | ||
| GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST Coverage Store or Data Store API to rename arbitrary files and directories with a name that does not end in `.zip`. Store file uploads rename zip files to have a `.zip` extension if it doesn't already have one before unzipping the file. This is fine for file and url upload methods where the files will be in a specific subdirectory of the data directory but, when using the external upload method, this allows arbitrary files and directories to be renamed. Renaming GeoServer files will most likely result in a denial of service, either completely preventing GeoServer from running or effectively deleting specific resources (such as a workspace, layer or style). In some cases, renaming GeoServer files could revert to the default settings for that file which could be relatively harmless like removing contact information or have more serious consequences like allowing users to make OGC requests that the customized settings would have prevented them from making. The impact of renaming non-GeoServer files depends on the specific environment although some sort of denial of service is a likely outcome. Versions 2.23.5 and 2.24.2 contain a fix for this issue. | |||||
| CVE-2023-47147 | 1 Ibm | 1 Sterling Secure Proxy | 2024-03-19 | N/A | 5.3 MEDIUM |
| IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598. | |||||
| CVE-2023-26282 | 2024-03-06 | N/A | 4.2 MEDIUM | ||
| IBM Watson CP4D Data Stores 4.6.0 through 4.6.3 could allow a user with physical access and specific knowledge of the system to modify files or data on the system. IBM X-Force ID: 248415. | |||||
| CVE-2023-2554 | 1 Bumsys Project | 1 Bumsys | 2024-02-28 | N/A | 7.2 HIGH |
| External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0. | |||||
| CVE-2023-1070 | 1 Teampass | 1 Teampass | 2024-02-28 | N/A | 7.1 HIGH |
| External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22. | |||||
| CVE-2023-1105 | 1 Flatpress | 1 Flatpress | 2024-02-28 | N/A | 8.1 HIGH |
| External Control of File Name or Path in GitHub repository flatpressblog/flatpress prior to 1.3. | |||||
| CVE-2022-2400 | 1 Dompdf Project | 1 Dompdf | 2024-02-28 | N/A | 5.3 MEDIUM |
| External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0. | |||||
| CVE-2022-0593 | 1 Idehweb | 1 Login With Phone Number | 2024-02-28 | 6.4 MEDIUM | 6.5 MEDIUM |
| The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation. | |||||
| CVE-2022-0246 | 1 Webence | 1 Iq Block Country | 2024-02-28 | 4.0 MEDIUM | 4.9 MEDIUM |
| The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to "Zip Slip" vulnerability. | |||||
| CVE-2021-24966 | 1 Bestwebsoft | 1 Error Log Viewer | 2024-02-28 | 4.0 MEDIUM | 4.9 MEDIUM |
| The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder | |||||
| CVE-2021-3845 | 1 Ws Scrcpy Project | 1 Ws Scrcpy | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| ws-scrcpy is vulnerable to External Control of File Name or Path | |||||
| CVE-2021-38477 | 1 Auvesy | 1 Versiondog | 2024-02-28 | 6.4 MEDIUM | 9.8 CRITICAL |
| There are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files. | |||||
| CVE-2021-27250 | 1 Dlink | 2 Dap-2020, Dap-2020 Firmware | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the errorpage request parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11856. | |||||
| CVE-2021-21343 | 4 Debian, Fedoraproject, Oracle and 1 more | 12 Debian Linux, Fedora, Banking Enterprise Default Management and 9 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on these type information. An attacker can manipulate the processed input stream and replace or inject objects, that result in the deletion of a file on the local host. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. | |||||
| CVE-2020-15264 | 1 Chocolatey | 1 Boxstarter | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
| The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looking for. For example, WptsExtensions.dll When Windows starts, it'll execute the code in DllMain() with SYSTEM privileges. Any unprivileged user can execute code with SYSTEM privileges. The issue is fixed in version 3.13.0 | |||||
| CVE-2019-3681 | 2 Opensuse, Suse | 5 Factory, Leap, Osc and 2 more | 2024-02-28 | 6.4 MEDIUM | 9.8 CRITICAL |
| A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 . | |||||