1649 matches found

Prion
added 2023/06/06 12:15 a.m. · 13 views

Design/Logic Flaw

In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system including system files, inject code into an XLS file, and modify the file extension, which could lead to arbitrary code...

CVSS 7.5 · AI score 9.6 · EPSS 0.00898
Exploits: 0 · References: 1 · Affected Software: 1
Vulnrichment
added 2023/06/05 11:16 p.m. · 7 views

CVE-2023-32540

In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system including system files, inject code into an XLS file, and modify the file extension, which could lead to arbitrary code...

CVSS 7.2 · AI score 7.3 · EPSS 0.00898
Exploits: 0 · References: 1
CVE
added 2023/06/05 11:16 p.m. · 49 views

CVE-2023-32540

Affected product: Advantech WebAccess/SCADA (versions 9.1.3 and prior). The vulnerability is an arbitrary file overwrite in the software that could allow overwriting any OS file, injecting code into an XLS file, and changing file extensions, potentially enabling arbitrary code execution. Impact i...

CVSS 9.8 · AI score 9.4 · EPSS 0.00898
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2023/06/05 11:16 p.m. · 15 views

CVE-2023-32540

In Advantech WebAccess/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system including system files, inject code into an XLS file, and modify the file extension, which could lead to arbitrary code...

CVSS 7.2 · AI score 9.7 · EPSS 0.00898
Exploits: 0 · References: 1
CNNVD
added 2023/06/02 12:0 a.m. · 4 views

Advantech WebAccess/SCADA code injection vulnerability

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, China. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An arbitrary file overwrite vulnerability exist...

CVSS 9.8 · AI score 7.6 · EPSS 0.00898
Exploits: 0 · References: 4
Positive Technologies
added 2023/06/01 12:0 a.m. · 4 views

PT-2023-22387 · Unknown · Keyboard Themes

Name of the Vulnerable Software and Affected Versions: Keyboard Themes version 1.275.1.164 Description: The issue allows unauthorized apps to overwrite arbitrary files in the internal storage of Keyboard Themes and achieve arbitrary code execution due to a dictionary traversal vulnerability...

CVSS 9.8 · AI score 7.8 · EPSS 0.01199
Exploits: 1 · References: 3
CNNVD
added 2023/06/01 12:0 a.m. · 3 views

Timmystudios Fast Typing Keyboard path traversal vulnerability

Timmystudios Fast Typing Keyboard is an Android app keyboard by Timmystudios. A security vulnerability exists in Timmystudios Fast Typing Keyboard Themes version 1.275.1.164, which stems from the presence of a dictionary traversal vulnerability that could allow an unauthorized application to...

CVSS 9.8 · AI score 8.8 · EPSS 0.01199
Exploits: 1 · References: 2
ATTACKERKB
added 2023/05/30 5:15 a.m. · 4 views

CVE-2023-33245

Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...

CVSS 8.8 · AI score 7.5 · EPSS 0.00872
Exploits: 0 · References: 4
OSV
added 2023/05/30 5:15 a.m. · 6 views

CVE-2023-33245

Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...

CVSS 8.8 · AI score 5.9 · EPSS 0.00872
Exploits: 0 · References: 3
Prion
added 2023/05/30 5:15 a.m. · 304 views

Code injection

Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...

CVSS 6.8 · AI score 8.8 · EPSS 0.00872
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2023/05/30 12:0 a.m. · 25 views

CVE-2023-33245

Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...

AI score 9 · EPSS 0.00872
Exploits: 0 · References: 3
Vulnrichment
added 2023/05/30 12:0 a.m. · 5 views

CVE-2023-33245

Minecraft through 1.19 and 1.20 pre-releases before 7 Java allow arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink...

AI score 7.3 · EPSS 0.00872
Exploits: 0 · References: 3
Positive Technologies
added 2023/05/30 12:0 a.m. · 3 views

PT-2023-24241 · Mojang · Minecraft

Name of the Vulnerable Software and Affected Versions: Minecraft versions 1.19 through 1.20 pre-releases before 7 Java Description: The issue allows for arbitrary file overwrite, and possibly code execution, via crafted world data that contains a symlink. Recommendations: For Minecraft versions...

CVSS 8.8 · AI score 7.3 · EPSS 0.00872
Exploits: 0 · References: 7
CNNVD
added 2023/04/27 12:0 a.m. · 6 views

Docker Desktop security vulnerability

Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

CVSS 6.3 · AI score 6.7 · EPSS 0.0029
Exploits: 0 · References: 3
CNNVD
added 2023/04/27 12:0 a.m. · 4 views

Docker Desktop link following vulnerability

Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...

CVSS 7.1 · AI score 7.3 · EPSS 0.00332
Exploits: 0 · References: 3
Vulnrichment
added 2023/04/14 12:0 a.m. · 7 views

CVE-2022-47027

Timmystudios Fast Typing Keyboard v1.275.1.162 allows unauthorized apps to overwrite arbitrary files in its internal storage via a dictionary traversal vulnerability and achieve arbitrary code execution...

AI score 7.8 · EPSS 0.01474
Exploits: 1 · References: 3
Positive Technologies
added 2023/04/11 12:0 a.m. · 2 views

PT-2023-6557 · Siemens · Tia Portal

Name of the Vulnerable Software and Affected Versions: Totally Integrated Automation Portal TIA Portal versions V15 through V18 Update 1, with the following specifics: TIA Portal versions V15 TIA Portal versions V16 through V16 Update 7 TIA Portal versions V17 through V17 Update 6 TIA Portal...

CVSS 7.8 · AI score 7.3 · EPSS 0.00249
Exploits: 0 · References: 6
CNNVD
added 2023/04/11 12:0 a.m. · 13 views

Siemens TIA Portal input validation error vulnerability

Siemens TIA Portal is a fully integrated automation portal from Siemens, Germany. TIA Portal gives you unlimited access to the full range of digital automation services, from digital planning to integrated engineering and transparent operation. A path traversal vulnerability exists in Siemens TIA...

CVSS 7.8 · AI score 6.8 · EPSS 0.00249
Exploits: 0 · References: 3
Tenable Nessus
added 2023/04/11 12:0 a.m. · 21 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : rsync Vulnerability (NS-SA-2023-0010)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has rsync packages installed that are affected by a vulnerability: - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The...

CVSS 7.4 · AI score 8.3 · EPSS 0.0165
Exploits: 1 · References: 3
Amazon
added 2023/02/17 12:11 a.m. · 44 views

Important: git

Issue Overview: A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwri...

CVSS 9.8 · AI score 1.6 · EPSS 0.34007
Exploits: 1