CyberSecurityBoard
Sponsor Register Login

CVE-2024-1201

Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation.

Publication date: Fri, 02 Feb 2024 18:15:00 +0000


Cyber News related to CVE-2024-1201

Defending Access to the Decentralized Web - Decentralized web technologies have the potential to make the internet more robust and efficient, supporting a new wave of innovation. The fundamental technologies and services that make it work are already being hit with overreaching legal threats. ...
1 year ago Eff.org
AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
7 months ago Feeds.dzone.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
CVE-2024-1201 - Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege ...
1 year ago
CVE-2024-39487 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago
CVE-2000-1201 - Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. ...
16 years ago
CVE-2015-1201 - Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. ...
10 years ago
CVE-2001-1201 - Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file. ...
8 years ago
CVE-2002-1201 - IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a flood of malformed TCP packets without any flags set, which prevents AIX from releasing the associated memory buffers. ...
8 years ago
CVE-2016-1201 - Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to hijack the authentication of administrators. ...
8 years ago
CVE-2003-1201 - ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial ...
7 years ago
CVE-2005-1201 - Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or ...
7 years ago
CVE-2008-1201 - Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 on Windows allow user-assisted remote attackers to execute arbitrary code via a crafted .FLA file. ...
7 years ago
CVE-2010-1201 - Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly ...
7 years ago
CVE-1999-1201 - Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks ...
7 years ago
CVE-2018-1201 - Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Job Operations Page within the OneFS web administration ...
7 years ago
CVE-2014-1201 - Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series with firmware 11.19.85_1FE3A allows remote ...
6 years ago
CVE-2009-1201 - Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct ...
6 years ago
CVE-2007-1201 - Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components ...
6 years ago
CVE-2006-1201 - Directory traversal vulnerability in resetpw.php in eschew.net phpBannerExchange 2.0 and earlier, and other versions before 2.0 Update 5, allows remote attackers to read arbitrary files via a .. (dot dot) in the email parameter during a "Recover ...
6 years ago
CVE-2017-1201 - IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123676. ...
5 years ago
CVE-2011-1201 - The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." ...
4 years ago
CVE-2019-1201 - A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security ...
1 year ago
CVE-2018-19949 - If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS ...
4 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)