Path traversal in the skin management component of Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to achieve denial of service via arbitrary file deletion.
A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. I...
A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improp...
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary ...
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive informatio...
doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information ...
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code ...