1646 matches found

CNNVD
added 2021/06/30 12:00 a.m. · 6 views

Google TensorFlow Path Traversal Vulnerability

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from an arbitrary file overwrite vulnerability, which originates from an issue caused when tf.keras.utils.get_file is used with extract=True, and can be exploited by an...

9.1 CVSS · 5.8 AI score · 0.01864 EPSS
Exploits 0 · References 5

BDU FSTEC
added 2021/06/25 12:00 a.m. · 6 views

The vulnerability of IBM DB2 database management systems, including IBM DB2 Connect, stems from privilege management errors, allowing attackers to overwrite arbitrary files.

The vulnerability of IBM DB2 database management systems and IBM DB2 Connect is related to privilege management errors. Exploiting this vulnerability can allow a malicious actor to overwrite arbitrary files remotely...

6.8 CVSS · 7 AI score · 0.0104 EPSS
Exploits 0 · References 3 · Affected Software 2

ArchLinux
added 2021/06/15 12:00 a.m. · 145 views

[ASA-202106-39] thefuck: arbitrary file overwrite

Arch Linux Security Advisory ASA-202106-39
==========================================

Severity: Medium
Date    : 2021-06-15
CVE-ID  : CVE-2021-34363
Package : thefuck
Type    : arbitrary file overwrite
Remote  : No
Link    : https://security.archlinux.org/AVG-2062

Summary
=======

The package thefuck before...

9.1 CVSS · 1.1 AI score · 0.01847 EPSS
Exploits 0 · References 4

OSV
added 2021/06/07 9:15 p.m. · 4 views

CVE-2021-23391

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

7.1 CVSS · 5.9 AI score · 0.00433 EPSS
Exploits 1 · References 2

Positive Technologies
added 2021/05/05 12:00 a.m. · 4 views

PT-2021-3256 · Cisco · Cisco SD-WAN

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Software (affected versions not specified)
Description: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected...

6 CVSS · 4.7 AI score · 0.00229 EPSS
Exploits 0 · References 3

CNNVD
added 2021/05/04 12:00 a.m. · 3 views

Exim Link Following Vulnerability

Exim is an open source mail transfer agent (MTA) running on Unix systems that routes, forwards and delivers mail. Exim suffers from a security vulnerability that exists as a result of the following issue with symbolic links in the Exim log directory. An attacker can exploit the vulnerability to overwri...

7.8 CVSS · 5.7 AI score · 0.0053 EPSS
Exploits 3 · References 8

Positive Technologies
added 2021/04/07 12:00 a.m. · 4 views

PT-2021-2544 · Cisco · Cisco SD-WAN vManage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software (affected versions not specified)
Description: The issue is related to errors in access control, which could allow an attacker to overwrite arbitrary files or execute arbitrary code. An unauthenticated, remote...

7.8 CVSS · 7.8 AI score · 0.01794 EPSS
Exploits 1 · References 7

Cisco
added 2021/03/24 4:00 p.m. · 65 views

Cisco Aironet Access Points Arbitrary File Overwrite Vulnerability

A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could allow an authenticated, local attacker to overwrite files in the flash memory of the device. This vulnerability is due to insufficient input validation for a specific command. An attacker could exploit...

4.4 CVSS · 1.4 AI score · 0.0023 EPSS
Exploits 0 · References 1

CNNVD
added 2021/03/24 12:00 a.m. · 3 views

Cisco IOS XE SD-WAN Software Security Vulnerability

Cisco IOS XE is a modular operating system based on the Linux kernel, developed by Cisco for its network equipment. An arbitrary file overwrite vulnerability exists in the CLI for SD-WAN for Cisco IOS XE. The vulnerability stems from insufficient validation of parameters for specific CLI...

6.6 CVSS · 6.7 AI score · 0.0023 EPSS
Exploits 0 · References 3

CNVD
added 2021/03/22 12:00 a.m. · 5 views

NetApp Cloud Manager Arbitrary File Overwrite Vulnerability

NetApp Cloud Manager is a centralized system for viewing and managing local and cloud storage with support for hybrid, multi-cloud providers and accounts. An arbitrary file overwrite vulnerability exists in NetApp Cloud Manager prior to version 3.9.4. A remote attacker could exploit this...

9.4 CVSS · 6.8 AI score · 0.01542 EPSS
Exploits 0 · References 1

CNNVD
added 2021/03/19 12:00 a.m. · 4 views

Netapp NetApp OnCommand Cloud Manager Security Vulnerability

NetApp Cloud Manager is a centralized system for viewing and managing local and cloud storage with support for hybrid, multi-cloud providers and accounts. An arbitrary file overwrite vulnerability exists in NetApp Cloud Manager prior to version 3.9.4. A remote attacker could exploit this...

9.4 CVSS · 5.8 AI score · 0.01542 EPSS
Exploits 0 · References 2

Vulnrichment
added 2021/03/12 6:12 p.m. · 5 views

CVE-2021-21068 Adobe Creative Cloud installer arbitrary file overwrite vulnerability

Adobe Creative Cloud Desktop Application version 5.3 and earlier is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction...

6.1 CVSS · 6.3 AI score · 0.00621 EPSS
Exploits 0 · References 1

OSV
added 2021/03/01 4:15 p.m. · 21 views

CVE-2021-25833

A file extension handling issue was found in the server module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code executi...

9.8 CVSS · 7.8 AI score · 0.43534 EPSS
Exploits 1 · References 6

UbuntuCve
added 2021/02/02 6:15 p.m. · 58 views

CVE-2019-25017

An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned only directory traversa...

5.9 CVSS · 6.4 AI score · 0.01429 EPSS
Exploits 1 · References 2

CNNVD
added 2021/02/02 12:00 a.m. · 4 views

MIT Kerberos Security Vulnerability

MIT Kerberos is Massachusetts Institute of Technology (MIT) software for authentication in network clusters. Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability in...

5.9 CVSS · 6.4 AI score · 0.01429 EPSS
Exploits 1 · References 4

Tenable Nessus
added 2021/01/29 12:00 a.m. · 43 views

CentOS 8 : icedtea-web (CESA-2019:2004)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2004 advisory.
- icedtea-web: unsigned code injection in a signed JAR file (CVE-2019-10181)
- icedtea-web: path traversal while processing elements of JNLP files result...

8.6 CVSS · 7.5 AI score · 0.04022 EPSS
Exploits 0 · References 4

NVD
added 2021/01/26 6:15 p.m. · 19 views

CVE-2020-26941

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation...

5.5 CVSS · 5.4 AI score · 0.00332 EPSS
Exploits 0 · References 1

BDU FSTEC
added 2020/12/18 12:00 a.m. · 6 views

The vulnerability lies in the implementation of the PrintData or PrintStats functions in the network traffic balancing system’s Keepalived module. This allows an attacker to overwrite arbitrary files.

The vulnerability in the implementation of the PrintData or PrintStats functions of the network traffic balancing system Keepalived is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow an attacker to overwrite arbitrary files...

6.3 CVSS · 6 AI score · 0.00501 EPSS
Exploits 1 · References 6 · Affected Software 3

Veracode
added 2020/11/05 3:18 a.m. · 35 views

Arbitrary File Overwrite

libreoffice is vulnerable to arbitrary file overwrite. Forms allowed to be submitted to any URI could result in local file overwrite...

6.5 CVSS · 3.4 AI score · 0.01712 EPSS
Exploits 0 · References 9 · Affected Software 3

CNVD
added 2020/11/05 12:00 a.m. · 1 view

Unspecified Vulnerability in Apple macOS Catalina System Component

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the System component of Apple macOS Catalina prior to version 10.15.3. An attacker can exploit the vulnerability to overwrite arbitrary files...

7.1 CVSS · 6.7 AI score · 0.00666 EPSS
Exploits 0 · References 1