1646 matches found

CNVD
added 2020/08/11 12:0 a.m., 3 views

Firejail OS Command Injection Vulnerability (CNVD-2020-46817)

Firejail is a SUID sandboxing program written in C. A security vulnerability exists in Firejail 0.9.62 and earlier versions. The vulnerability can be exploited to overwrite arbitrary files with the help of the '--' delimiter...

7.8 CVSS, 6.9 AI score, 0.01464 EPSS
Exploits 0, References 1
NVD
added 2020/07/27 2:15 p.m., 21 views

CVE-2020-15593

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC (Inter-Process Communicati...

7.8 CVSS, 7.6 AI score, 0.00422 EPSS
Exploits 1, References 2
Tenable Nessus
added 2020/07/14 12:0 a.m., 21 views

Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite (cisco-sa-fdmfo-HvPWKxDe)

According to its self-reported version, Cisco Firepower Device Manager (FDM) On-Box software is affected by an arbitrary file overwrite vulnerability due to improper input validation. An authenticated, remote attacker can exploit this by uploading a malicious file to an affected device in order to...

9 CVSS, 7 AI score, 0.01766 EPSS
Exploits 0, References 3
GithubExploit
added 2020/06/25 7:35 a.m., 116 views

Exploit for Link Following in Docker Desktop

CVE-2020-10665 Docker Desktop Local Privilege Escalation POC...

7.2 CVSS, 7 AI score, 0.01435 EPSS
Exploits 2
Cvelist
added 2020/06/19 2:2 p.m., 18 views

CVE-2019-20851

An issue was discovered in Mattermost Mobile Apps before 1.26.0. An attacker can use directory traversal with the Video Preview feature to overwrite arbitrary files on a device...

9.2 AI score, 0.01385 EPSS
Exploits 0, References 1
CNVD
added 2020/06/17 12:0 a.m., 4 views

helm path traversal vulnerability

helm is a Kubernetes package manager. A path traversal vulnerability exists in helm 3.0.0 and later, fixed in version 3.2.4. An attacker can send a tar file containing a '/...' sequence in the 'path' parameter to overwrite arbitrary files on the system...

8.5 CVSS, 7 AI score, 0.01458 EPSS
Exploits 0, References 1
CNVD
added 2020/06/05 12:0 a.m., 5 views

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-32792)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance (OHA). Samsung mobile devices have a security vulnerability that can be exploited by attackers to overwrite arbitrary files with the help of symbolic links...

9.1 CVSS, 6.9 AI score, 0.00461 EPSS
Exploits 0, References 1
OSV
added 2020/06/04 6:15 p.m., 2 views

CVE-2020-13833

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The system area allows arbitrary file overwrites via a symlink attack. The Samsung ID is SVE-2020-17183 (June 2020)...

9.1 CVSS, 7.4 AI score, 0.00461 EPSS
Exploits 0, References 1
Vulnrichment
added 2020/06/03 5:55 p.m., 10 views

CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

6.3 CVSS, 6.6 AI score, 0.00351 EPSS
Exploits 0, References 1
Cvelist
added 2020/06/03 5:55 p.m., 24 views

CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

6.3 CVSS, 6.2 AI score, 0.00351 EPSS
Exploits 0, References 1
CNVD
added 2020/05/29 12:0 a.m., 3 views

Dell Dock Firmware Update Utilities Code Issue Vulnerability

Dell Dock Firmware Update Utilities is a firmware update utility for Dell Docking Station from Dell USA. A code issue vulnerability exists in the Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations. A local attacker could exploit this vulnerability by...

7.1 CVSS, 6.9 AI score, 0.00253 EPSS
Exploits 0, References 1
NVD
added 2020/05/28 8:15 p.m., 17 views

CVE-2020-5357

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time...

7.1 CVSS, 6.8 AI score, 0.00253 EPSS
Exploits 0, References 1
OSV
added 2020/05/28 8:15 p.m., 3 views

CVE-2020-5357

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time...

6 CVSS, 6.4 AI score, 0.00253 EPSS
Exploits 0, References 1
CVE
added 2020/05/28 7:20 p.m., 114 views

CVE-2020-5357

CVE-2020-5357: Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The flaw is exploitable during the administrator execution window via a symlink attack by a locally authenticated, low-privileged user, en...

7.1 CVSS, 5.9 AI score, 0.00253 EPSS
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2020/05/20 12:0 a.m., 41 views

Ansible Tower 3.6.x =< 3.6.3 Archive Traversal Arbitrary File Overwrite Vulnerability

The version of Ansible Tower running on the remote web server is 3.6.x equal to or prior to 3.6.3. It is, therefore, affected by an archive traversal arbitrary file overwrite vulnerability when extracting tar.gz archives...

5.2 CVSS, 7.4 AI score, 0.00358 EPSS
Exploits 0, References 3
CNVD
added 2020/05/07 12:0 a.m., 2 views

Apple macOS Catalina Printing Component Elevation of Privilege Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple for Mac computers. Printing is one of the printing components. A security vulnerability exists in the Printing component of Apple macOS Catalina versions prior to 10.15.4. The vulnerability can be exploited by malicious...

7.8 CVSS, 6.7 AI score, 0.00284 EPSS
Exploits 0, References 1
Cvelist
added 2020/05/06 4:40 p.m., 14 views

CVE-2020-3309 Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

6.5 CVSS, 6.9 AI score, 0.01766 EPSS
Exploits 0, References 1
Vulnrichment
added 2020/05/06 4:40 p.m., 11 views

CVE-2020-3309 Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

6.5 CVSS, 6.9 AI score, 0.01766 EPSS
Exploits 0, References 1
Cisco
added 2020/05/06 4:0 p.m., 25 views

Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this...

6.5 CVSS, 6.7 AI score, 0.01766 EPSS
Exploits 0, References 1
RedHat Linux
added 2020/04/28 4:8 p.m., 2 views

pcp: Local privilege escalation in pcp spec file through migrate_tempdirs

An Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise...

8.4 CVSS, 7.2 AI score, 0.00458 EPSS
Exploits 1, References 4