1646 matches found

Tenable Nessus
added 2015/07/08 12:0 a.m. (30 views)

Scientific Linux Security Update : abrt on SL6.x i386/x86_64 (20150707)

It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. CVE-2015-3315 It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to...

CVSS 7.8 | AI score 6.2 | EPSS 0.04815
Exploits: 4 | References: 7

CNVD
added 2015/07/02 12:0 a.m. (2 views)

Apple MAC OS X kextd Symbolic Link Arbitrary File Overwrite Vulnerability

Apple Mac OS X is a commercial operating system. Apple Mac OS X kextd suffers from a symbolic link vulnerability that allows attackers to run malicious applications and overwrite arbitrary files...

CVSS 8.8 | AI score 6.8 | EPSS 0.01615
Exploits: 0 | References: 1

CNVD
added 2015/06/17 12:0 a.m. (2 views)

Tanium Arbitrary File Overwrite Vulnerability

Tanium is an endpoint protection and management platform. An arbitrary file overwrite vulnerability exists in Tanium, which allows attackers to exploit the vulnerability to corrupt system files and conduct denial-of-service attacks...

AI score 7
Exploits: 0 | References: 1

RedHat Linux
added 2015/06/11 1:21 p.m. (9 views)

OpenJDK: jar directory traversal issues (Tools, 8064601)

A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted...

CVSS 5.8 | AI score 6.7 | EPSS 0.03608
Exploits: 0 | References: 5

RedHat Linux
added 2015/06/09 7:48 p.m. (4 views)

abrt: does not validate contents of uploaded problem reports

It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other...

CVSS 6.5 | AI score 5.9 | EPSS 0.01075
Exploits: 0 | References: 4

RedHat Linux
added 2015/04/20 2:27 p.m. (5 views)

OpenJDK: jar directory traversal issues (Tools, 8064601)

A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted...

CVSS 5.8 | AI score 6.7 | EPSS 0.03608
Exploits: 0 | References: 5

RedHat Linux
added 2015/04/15 4:54 p.m. (2 views)

OpenJDK: jar directory traversal issues (Tools, 8064601)

A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted...

CVSS 5.8 | AI score 6.7 | EPSS 0.03608
Exploits: 0 | References: 5

RedHat Linux
added 2015/04/15 3:15 p.m. (4 views)

jar: directory traversal vulnerability

A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted...

CVSS 5 | AI score 5.8 | EPSS 0.06717
Exploits: 1 | References: 4

CNVD
added 2015/02/26 12:0 a.m. (1 views)

VideoLAN libbluray Directory Traversal Vulnerability

VideoLAN VLC media player is the multimedia player of the VideoLAN program. A directory traversal vulnerability exists in VideoLAN libbluray because the program fails to adequately filter user-supplied input. A remote attacker could use a directory traversal sequence of specially crafted requests '...

AI score 7.1
Exploits: 0 | References: 1

CNVD
added 2015/01/20 12:0 a.m. (2 views)

kgb directory traversal vulnerability

KGB is a free compression tool with high compression ratio. A directory traversal vulnerability exists in kgb, which can be exploited by a remote attacker to overwrite arbitrary files under the application using a specially crafted request with a directory traversal sequence '... /' to overwrite...

CVSS 5 | AI score 7.1 | EPSS 0.01505
Exploits: 1 | References: 1

Tenable Nessus
added 2014/11/04 12:0 a.m. (47 views)

Jenkins < 1.583 / 1.565.3 and Jenkins Enterprise 1.532.x / 1.554.x / 1.565.x < 1.532.10.1 / 1.554.10.1 / 1.565.3.1 Multiple Vulnerabilities

The remote web server hosts a version of Jenkins open source or CloudBees Jenkins Enterprise that is affected by multiple vulnerabilities: - An error exists related to file upload processing that allows a remote attacker to overwrite arbitrary files. (CVE-2013-2186) - An input validation error...

CVSS 7.5 | AI score 7.7 | EPSS 0.12768
Exploits: 0 | References: 14

OSV
added 2014/10/30 5:10 p.m. (4 views)

USN-2393-1 wget vulnerability

HD Moore discovered that Wget contained a path traversal vulnerability when downloading symlinks using FTP. A malicious remote FTP server or a man in the middle could use this issue to cause Wget to overwrite arbitrary files, possibly leading to arbitrary code execution...

CVSS 9.3 | AI score 7.2 | EPSS 0.39883
Exploits: 4 | References: 2

OSV
added 2014/09/05 9:7 a.m. (13 views)

MGASA-2014-0367 Updated php packages fix multiple security vulnerabilities

Updated php packages fix security vulnerabilities: Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a craft...

CVSS 6.8 | AI score 8.8 | EPSS 0.20237
Exploits: 1 | References: 5

Tenable Nessus
added 2014/08/28 12:0 a.m. (19 views)

AIX 6.1 TL 7 : bos.rte.odm (U865807)

The remote host is missing AIX PTF U865807, which is related to the security of the package bos.rte.odm. AIX could allow an arbitrary file overwrite symlink vulnerability due to a libodm.a bug. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

CVSS 6.9 | AI score 5.7 | EPSS 0.01748
Exploits: 5 | References: 3

Tenable Nessus
added 2014/08/26 12:0 a.m. (30 views)

AIX 7.1 TL 2 : bos.rte.odm (U865302)

The remote host is missing AIX PTF U865302, which is related to the security of the package bos.rte.odm. AIX could allow an arbitrary file overwrite symlink vulnerability due to a libodm.a bug. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

CVSS 6.9 | AI score 5.7 | EPSS 0.01748
Exploits: 5 | References: 3

seebug.org
added 2014/07/01 12:0 a.m. (28 views)

ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2748/info ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to corrupt arbitrary files. When it runs with the parameters 'inet add', 'asagent', opens and overwrites it if it...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. (17 views)

PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24111/info PEAR is prone to a vulnerability that lets attackers overwrite arbitrary files. An attacker-supplied package may supply directory-traversal strings through the 'install-as' attribute to create and overwrite fil...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. (30 views)

Pegasus Imaging ImagXpress 8.0 - Remote Arbitrary File Overwrite

No description provided by source. Pegasus Imaging ImagXpress 8.0 Remote Arbitrary File Overwrite url:...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. (21 views)

HP-UX 10.20/11.0 man /tmp symlink Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...

AI score 7.1
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. (37 views)

Apache Struts2 <= 2.3.1 - Multiple Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20120104-0 title: Multiple critical vulnerabilities in Apache Struts2 product: Apache Struts2 OpenSymphony XWork OpenSymphony OGNL vulnerable...

AI score 7.1
Exploits: 0