CVE-2023-41787

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-427
View all →

Vulnerability Description

Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. This vulnerability allows access to files with sensitive information. This issue affects Pandora FMS: from 700 through 772.

Related Vulnerabilities

CVE-2016-4526

HIGH
CVSS:7.5(High)

ABB DataManagerPro 1.x before 1.7.1 allows local users to gain privileges by replacing a DLL file in the package directory.

CWE-4272016

CVE-2021-3115

HIGH
CVSS:7.5(High)

Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, c...

CWE-4272021

CVE-2019-4588

HIGH
CVSS:7.4(High)

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.

CWE-4272019

CVE-2015-1014

HIGH
CVSS:7.3(High)

A successful exploit of these vulnerabilities requires the local user to load a crafted DLL file in the system directory on servers running Schneider Electric OFS v3.5 with version v7.40 of SCADA Expe...

CWE-4272015

CVE-2017-4987

HIGH
CVSS:7.3(High)

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user can load a maliciously crafted file in the search path which may potenti...

CWE-4272017