
1646 matches found

Metasploit
added 2019/09/09 5:0 p.m., 21 views

Generic Zip Slip Traversal Vulnerability

This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive...

0.3 AI score
Exploits 0
NVD
added 2019/08/26 1:15 p.m., 14 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

7.5 CVSS, 7.5 AI score, 0.01676 EPSS
Exploits 0, References 1
OSV
added 2019/08/26 1:15 p.m., 14 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

7.5 CVSS, 7.1 AI score
Exploits 0, References 1
Prion
added 2019/08/26 1:15 p.m., 11 views

Design/Logic Flaw

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

6.4 CVSS, 7.4 AI score, 0.01676 EPSS
Exploits 0, References 1, Affected Software 1
CVE
added 2019/08/15 6:58 p.m., 124 views

CVE-2019-3974

CVE-2019-3974 affects Tenable Nessus on Windows (versions 8.5.2 and earlier). The issue allows arbitrary overwriting of certain system files, potentially causing a denial-of-service condition. Root cause: file overwrite flaw in Nessus’ Windows file handling. Affected product/version per sources: ...

8.5 CVSS, 7.9 AI score, 0.01818 EPSS
Exploits 0, References 1, Affected Software 1
OPENSUSE Linux
added 2019/08/15 12:0 a.m., 63 views

Security update for icedtea-web (important)

openSUSE Security Update: Security update for icedtea-web Announcement ID: openSUSE-SU-2019:1911-1 Rating: important References: 1142825 1142832 1142835 Cross-References: CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities ...

8.6 CVSS, 8.2 AI score, 0.04022 EPSS
Exploits 0, References 3
Tenable Nessus
added 2019/08/12 12:0 a.m., 47 views

RHEL 8 : icedtea-web (RHSA-2019:2004)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2004 advisory. The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It...

8.6 CVSS, 7.6 AI score, 0.04022 EPSS
Exploits 0, References 8
Veracode
added 2019/08/08 12:7 a.m., 33 views

Arbitrary File Overwrite

keepalived is vulnerable to arbitrary file overwrite. The vulnerability exists as there is an improper pathname validation that allows for overwrite of arbitrary filenames via symlinks...

4.7 CVSS, 4.4 AI score, 0.00501 EPSS
Exploits 1, References 8, Affected Software 1
CNVD
added 2019/08/08 12:0 a.m., 2 views

Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability (CNVD-2019-38857)

Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A path traversal vulnerability exists in the CLI for Cisco Enterprise NFV...

6.7 CVSS, 7 AI score, 0.00716 EPSS
Exploits 0, References 1
OSV
added 2019/08/07 1:15 p.m., 3 views

CVE-2016-10804

The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...

8.1 CVSS, 5.9 AI score, 0.01096 EPSS
Exploits 0, References 2
NVD
added 2019/08/07 1:15 p.m., 18 views

CVE-2016-10804

The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...

8.7 CVSS, 8.1 AI score, 0.01096 EPSS
Exploits 0, References 2
Prion
added 2019/08/07 1:15 p.m., 16 views

Design/Logic Flaw

The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...

8.7 CVSS, 7.2 AI score, 0.01096 EPSS
Exploits 0, References 2, Affected Software 1
CVE
added 2019/08/07 12:26 p.m., 40 views

CVE-2016-10804

The CVE-2016-10804 issue affects cPanel prior to 57.9999.54, where the SQLite journal feature can cause arbitrary file overwrites during Horde Restore (SEC-58). Root cause: misuse of the SQLite journal leads to write operations to arbitrary files. Impact (per sources): High, with potential confid...

8.7 CVSS, 8 AI score, 0.01096 EPSS
Exploits 0, References 2, Affected Software 1
OSV
added 2019/08/05 1:15 p.m., 4 views

CVE-2016-10770

cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update SEC-164...

6.5 CVSS, 5.9 AI score, 0.00746 EPSS
Exploits 0, References 1
Cvelist
added 2019/08/05 12:54 p.m., 22 views

CVE-2016-10770

cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update SEC-164...

6.6 AI score, 0.00746 EPSS
Exploits 0, References 1
CVE
added 2019/08/05 12:54 p.m., 52 views

CVE-2016-10770

CVE-2016-10770 affects cPanel prior to 60.0.25. The vulnerability allows arbitrary file-overwrite operations during a Roundcube update (SEC-164). The provided documents consistently describe this as a cPanel issue related to the update process, with no additional technical details (e.g., affected...

6.5 CVSS, 6.5 AI score, 0.00746 EPSS
Exploits 0, References 1, Affected Software 1
NVD
added 2019/08/05 12:15 p.m., 20 views

CVE-2017-18464

cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor SEC-226...

5.5 CVSS, 5.3 AI score, 0.00714 EPSS
Exploits 0, References 1
Prion
added 2019/08/05 12:15 p.m., 20 views

Design/Logic Flaw

cPanel before 62.0.17 allows arbitrary file-overwrite operations via the WHM Zone Template editor SEC-226...

5.5 CVSS, 5.3 AI score, 0.00714 EPSS
Exploits 0, References 1, Affected Software 1
Veracode
added 2019/08/05 12:16 a.m., 20 views

Directory Traversal

icedtea-web is vulnerable to directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite...

8.6 CVSS, 3.9 AI score, 0.04022 EPSS
Exploits 0, References 13, Affected Software 1
Prion
added 2019/08/02 2:15 p.m., 17 views

Design/Logic Flaw

cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update SEC-303...

3.6 CVSS, 5.6 AI score, 0.00297 EPSS
Exploits 0, References 2, Affected Software 1