1647 matches found
Design/Logic Flaw
cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update SEC-303...
CVE-2016-10848
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...
Design/Logic Flaw
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/checksystemstorable SEC-78...
CVE-2016-10845
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/checksystemstorable SEC-78...
CVE-2016-10845
CVE-2016-10845 affects cPanel prior to 11.54.0.4. The issue is an arbitrary file-overwrite in scripts/check_system_storable (SEC-78) due to improper input handling/validation. Impact is partial confidentiality, integrity, and availability per CVSS2/3 data; exploitation details are not provided in...
CVE-2016-10848
CVE-2016-10848 affects cPanel prior to 11.54.0.4, allowing arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). The issue is documented across multiple sources (NVD, Red Hat advisory) with a high impact rating (C/V: high; A: high) and network attack vector. The provided materials d...
CVE-2016-10848
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...
icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
It was found that icedtea-web was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox...
nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link
A flaw was found in nodejs-tar in versions prior to 4.4.2. An arbitrary file overwrite can occur when extracting tarballs containing a hard-link to a file that already exists in the system. Further, a file that matches the hard-link may overwrite the system's files with the contents of the...
Private Internet Access (PIA) VPN Client Arbitrary File Overwrite Vulnerability
Private Internet Access PIA is a commercial VPN service operated by London Trust Media. An arbitrary file overwrite vulnerability exists in the London Trust Media Private Internet Access PIA VPN client version 82 for Linux and macOS. An attacker can exploit this vulnerability to overwrite any fil...
Private Internet Access (PIA) VPN Client Arbitrary File Overwrite Vulnerability (CNVD-2019-24220)
Private Internet Access PIA is a commercial VPN service operated by London Trust Media. An arbitrary file overwrite vulnerability exists in the London Trust Media Private Internet Access PIA VPN client 0.9.8 beta build 02099 for macOS. An attacker can exploit this vulnerability to cause a denial ...
CVE-2019-12573
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpnlauncher binary is setuid root. This binary supports the --log option, which accepts a path as an argument...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
DEBIAN-CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
Design/Logic Flaw
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...