Lucene search
K

1647 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.2 views

SUSE CVE-2006-0582

Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors...

2.1CVSS7AI score0.00442EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.4 views

SUSE CVE-2007-0159

Directory traversal vulnerability in the GeoIPupdatedatabasegeneral function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers possibly only update.maxmind.com to overwrite arbitrary files via a .. dot dot in the database filename, which is returned by a request to...

6.4CVSS7.2AI score0.02025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.2 views

SUSE CVE-2007-0898

Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. dot dot in the id MIME header parameter in a multi-part message...

6.4CVSS9.2AI score0.03758EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1799

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384...

6.4CVSS7.1AI score0.02269EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.2 views

SUSE CVE-2007-2519

Directory traversal vulnerability in the installer in PEAR 1.0 through 1.5.3 allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in the 1 install-as attribute in the file element in package.xml 1.0 or the 2 as attribute in the install element in package.xm...

6.8CVSS7.3AI score0.07288EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.3 views

SUSE CVE-2007-4134

Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. slash slash dot dot sequences in directory symlinks in a TAR archive...

6.8CVSS7.1AI score0.03009EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:6 a.m.2 views

SUSE CVE-2008-5137

tkman in tkman 2.2 allows local users to overwrite arbitrary files via a symlink attack on a 1 /tmp/tkman or 2 /tmp/ll temporary file...

6.9CVSS6.7AI score0.0039EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.2 views

SUSE CVE-2009-0035

alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a symlink attack via the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts...

5.5CVSS6.7AI score0.00468EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.3 views

SUSE CVE-2009-5044

contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file...

3.3CVSS6.7AI score0.00373EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.2 views

SUSE CVE-2010-1511

KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file...

6.4CVSS6.9AI score0.03323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.4 views

SUSE CVE-2011-1837

The lock-counter implementation in utils/mount.ecryptfsprivate.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors...

3.6CVSS6.7AI score0.00379EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.5 views

SUSE CVE-2011-3171

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors...

3.6CVSS6.9AI score0.00585EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.1 views

SUSE CVE-2011-3602

Directory traversal vulnerability in device-linux.c in the router advertisement daemon radvd before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. dot dot in an interface name. NOTE: this can be leveraged with a symlink to overwrit...

6.4CVSS6.8AI score0.02771EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.4 views

SUSE CVE-2012-2103

The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names...

1.2CVSS6.4AI score0.00331EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.19 views

SUSE CVE-2013-1866

OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability...

6.3CVSS7AI score0.00422EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.1 views

SUSE CVE-2017-1000420

Syncthing version 0.14.33 and older is vulnerable to symlink traversal resulting in arbitrary file overwrite...

7.5CVSS7.6AI score0.01509EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:29 a.m.3 views

SUSE CVE-2018-7442

An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite...

9.1CVSS9.6AI score0.02065EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.8 views

SUSE CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

7.4CVSS6.7AI score0.01976EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.2 views

SUSE CVE-2019-13173

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...

7.3CVSS8.4AI score0.02781EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.1 views

SUSE CVE-2019-16777

Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...

7.7CVSS7.6AI score0.01984EPSS
Exploits0References9
Rows per page
Query Builder