
CVSS: 9.8 • EPSS: 96% • CPEs: 1 • EXPL: 7

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0. The Tajer for WordPress is vulnerable to arbitrary file uploads due to inclusion of a vulnerable version of the Blueimp jQuery-File-Upload library in versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may make remote code execution possible. Blueimp jQuery File Upload versions 9.22.0 and below suffer from a remote file upload vulnerability.

• https://www.exploit-db.com/exploits/45790
• https://www.exploit-db.com/exploits/46182
• https://www.exploit-db.com/exploits/45584
• https://github.com/Den1al/CVE-2018-9206
• https://github.com/mi-hood/CVE-2018-9206
• http://www.securityfocus.com/bid/105679
• http://www.securityfocus.com/bid/106629
• http://www.vapidlabs.com/advisory.php?v=204
• https://wpvulndb.com/vulnerabilities/9136
• https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
• https://github.com/blue

CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 8.8 • EPSS: 0% • CPEs: 8 • EXPL: 2

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

• https://github.com/mpruett/audiofile/issues/50
• https://github.com/mpruett/audiofile/issues/51
• https://usn.ubuntu.com/3800-1
• https://access.redhat.com/security/cve/CVE-2018-17095
• https://bugzilla.redhat.com/show_bug.cgi?id=1631088

CWE-122: Heap-based Buffer Overflow
CWE-787: Out-of-bounds Write

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 1

HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter.

• https://packetstormsecurity.com/files/149204

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 5.5 • EPSS: 0% • CPEs: 3 • EXPL: 0

X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares.

• http://www.openwall.com/lists/oss-security/2014/02/24/5
• http://www.securityfocus.com/bid/65748
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739536
• https://bugzilla.redhat.com/show_bug.cgi?id=1069066
• https://exchange.xforce.ibmcloud.com/vulnerabilities/91519

CWE-264: Permissions, Privileges, and Access Controls

CVSS: 6.5 • EPSS: 0% • CPEs: 2 • EXPL: 1

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.

• https://github.com/mpruett/audiofile/issues/49
• https://usn.ubuntu.com/3800-1
• https://access.redhat.com/security/cve/CVE-2018-13440
• https://bugzilla.redhat.com/show_bug.cgi?id=1600367

CWE-476: NULL Pointer Dereference