
1630 matches found

Cisco
added 2025/05/07 4:0 p.m. | 15 views

Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials...

CVSS 5.5 | AI score 5.7 | EPSS 0.00078
Exploits: 0 | References: 1

Tenable Nessus
added 2025/05/07 12:0 a.m. | 3 views

Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite (cisco-sa-sdwan-fileoverwrite-Uc9tXWH)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of...

CVSS 5.5 | AI score 5.9 | EPSS 0.00078
Exploits: 0 | References: 3

Tenable Nessus
added 2025/05/01 12:0 a.m. | 5 views

JetBrains Rider < 2025.1.2 Arbitrary File Overwrite

The version of JetBrains Rider installed on the remote host is prior to 2025.1.2. It is, therefore, affected by a vulnerability as referenced in the TeamCity202504 advisory. - In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...

CVSS 7.5 | AI score 5.7 | EPSS 0.00002
Exploits: 0 | References: 2

CNVD
added 2025/04/30 12:0 a.m. | 4 views

Unspecified Vulnerability in JetBrains Rider

JetBrains Rider is a cross-platform .NET integrated development environment (IDE) from the Czech company JetBrains. A security vulnerability exists in JetBrains Rider that stems from a custom archive unpacker allowing arbitrary file overwrites during a remote debugging session, which can be exploit...

CVSS 7.5 | AI score 6.4 | EPSS 0.00002
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/27 3:4 p.m. | 17 views

CVE-2025-43016

In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...

CVSS 5.4 | AI score 7.5 | EPSS 0.00002
Exploits: 0 | References: 1

NVD
added 2025/04/25 3:15 p.m. | 8 views

CVE-2025-43016

In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...

CVSS 7.5 | EPSS 0.00002
Exploits: 0 | References: 1

CVE
added 2025/04/25 2:32 p.m. | 53 views

CVE-2025-43016

CVE-2025-43016 affects JetBrains Rider prior to 2025.1.2. Multiple sources describe a vulnerability in Rider’s custom archive unpacker that enables arbitrary file overwrites during a remote debugging session. Impact is described as arbitrary file overwrite with no explicit exploitation details be...

CVSS 7.5 | AI score 7.2 | EPSS 0.00002
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2025/04/25 2:32 p.m. | 11 views

CVE-2025-43016

In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...

CVSS 5.4 | EPSS 0.00002
Exploits: 0 | References: 1

Vulnrichment
added 2025/04/25 2:32 p.m. | 5 views

CVE-2025-43016

In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session...

CVSS 5.4 | AI score 7.4 | EPSS 0.00002
Exploits: 0 | References: 1

CVE
added 2025/04/17 5:23 a.m. | 72 views

CVE-2025-3294

CVE-2025-3294 affects the WordPress WP Editor plugin up to version 1.2.9.1. The issue is an authenticated directory-traversal flaw (no proper file path validation) that can enable an attacker with Administrator-level access and above to overwrite arbitrary server files, potentially enabling remot...

CVSS 7.2 | AI score 7.3 | EPSS 0.01476
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2025/04/17 12:0 a.m. | 2 views

WordPress plugin WP Editor Path Traversal Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A path traversal...

CVSS 7.2 | AI score 7.4 | EPSS 0.01476
Exploits: 0 | References: 2

CNNVD
added 2025/04/13 12:0 a.m. | 4 views

archives Path Traversal Vulnerability

archives is a cross-platform, multi-format Go library by the individual developer Matt Holt in France. A path traversal vulnerability exists in archives, which stems from a path traversal attack that could lead to arbitrary file overwrites...

CVSS 8.1 | AI score 6 | EPSS 0.00135
Exploits: 0 | References: 2

CVE
added 2025/04/01 4:45 p.m. | 87 views

CVE-2025-25041

CVE-2025-25041 affects the HPE Aruba Networking VIA Client on Windows, allowing malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM and potentially cause a DoS on Windows; Linux/Android are not affected. Connected sources note a related advisory (hpesbnw04841) and that the VIA cli...

CVSS 5.5 | AI score 7 | EPSS 0.00068
Exploits: 0 | References: 1

RedHat Linux
added 2025/04/01 1:6 p.m. | 1 views

hornetq-core-client: Arbitrarily overwrite files or access sensitive information

A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information...

CVSS 9.1 | AI score 5.7 | EPSS 0.01455
Exploits: 1 | References: 6

Apple
added 2025/03/31 12:0 a.m. | 4396 views

About the security content of Xcode 16.3

About the security content of Xcode 16.3 This document describes the security content of Xcode 16.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVSS 5.5 | AI score 5.8 | EPSS 0.00163
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2025/03/31 12:0 a.m. | 2 views

Apple Xcode Buffer Error Vulnerability

Apple Xcode is an integrated development environment developed by Apple Inc. Apple Xcode suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause an application to overwrite arbitrary files...

CVSS 5.5 | AI score 6.7 | EPSS 0.00163
Exploits: 0 | References: 3

Veracode
added 2025/03/28 2:36 a.m. | 8 views

Arbitrary File Overwrite

ai.h2o, h2o-core is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a lack of export location restrictions in the model export endpoint, allowing an attacker to overwrite arbitrary files on the server...

CVSS 7.1 | AI score 7 | EPSS 0.00107
Exploits: 1 | References: 4 | Affected Software: 2

Veracode
added 2025/03/26 11:21 a.m. | 10 views

Arbitrary File Overwrite

H2O-3 is vulnerable to Arbitrary File Overwrite. The vulnerability is due to improper input validation due to the exportModelDetails function in ModelsHandler.java allowing user-controlled input in the mexport.dir parameter, enabling overwriting files at arbitrary locations on the host system...

CVSS 8.2 | AI score 7.2 | EPSS 0.00237
Exploits: 1 | References: 4 | Affected Software: 2

RedhatCVE
added 2025/03/22 12:31 p.m. | 6 views

CVE-2024-7957

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the loadcredentials method, where user-controlled input for realmname and zuliprccontent is used to construct file paths and write file content...

CVSS 9.1 | AI score 7 | EPSS 0.00311
Exploits: 0 | References: 1

RedhatCVE
added 2025/03/22 11:26 a.m. | 9 views

CVE-2024-8616

In h2oai/h2o-3 version 3.46.0, the /99/Models/name/json endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the exportModelDetails function in ModelsHandler.java, where the user-controllable mexport.dir parameter is used to specify the file path for...

CVSS 8.2 | AI score 6.9 | EPSS 0.00237
Exploits: 1 | References: 1