1646 matches found
Microsoft Visual Studio Privilege Mobilization Vulnerability (CNVD-2020-24130)
Microsoft Visual Studio is a family of development tool suites from Microsoft and a largely complete set of development tools that includes most of the tools needed throughout the software lifecycle. A lift vulnerability exists in Microsoft Visual Studio that stems from a failure of the Updater...
Microsoft Windows Connected User Experiences and Telemetry Service elevation of privilege vulnerability (CNVD-2020-32585)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system.Connected User Experiences and Telemetry Service is one of the components that can...
SAP Netweaver Path Traversal Vulnerability
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A path traversal vulnerability exists in SAP NetWeaver Knowledge Management, which results from the program...
Vastgota-Data ProVide Path Traversal Vulnerability
Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A security vulnerability exists in ajax/ImportCertificate in Vastgota-Data ProVide 13.1 and earlier versions. An attacker can exploit the vulnerability to load an arbitrary certificate in...
Arbitrary File Overwrite
php is vulnerable to arbitrary file overwrite. The vulnerability exists as an off-by-one flaw was found in PHP. If an attacker uploaded a file with a specially-crafted file name it could cause a PHP script to attempt to write a file to the root / directory. By default, PHP runs as the "apache"...
Arbitrary File Overwrite
gcc is vulnerable to arbitrary file overwrite. The vulnerability exists through two directory traversal flaws were found in the way fastjar extracted JAR archive files. If a local, unsuspecting user extracted a specially-crafted JAR file, it could cause fastjar to overwrite arbitrary files writab...
Arbitrary File Overwrite
gcc is vulnerable to arbitrary file overwrite. The vulnerability exists through two directory traversal flaws were found in the way fastjar extracted JAR archive files. If a local, unsuspecting user extracted a specially-crafted JAR file, it could cause fastjar to overwrite arbitrary files writab...
Arbitrary File Overwrite
fence is vulnerable to arbitrary file overwrite. The pservershutdown function in fenceegenera allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...
Arbitrary File Overwrite
cman is vulnerable to arbitrary file overwrites. The vulnerability exists as multiple insecure temporary file use flaws were found in fenceapcsnmp and ccstool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with th...
Arbitrary File Overwrite
openswan is vulnerable to arbitrary file overwrite. The vulnerability exists as Openswan's livetest script created temporary files in an insecure manner. A local attacker could use this flaw to overwrite arbitrary files owned by the user running the script...
Arbitrary File Overwrite
xen is vulnerable to arbitrary file overwrite. The vulnerability exists as it was discovered that the qemu-dm.debug script created a temporary file in /tmp in an insecure way. A local attacker in Dom0 could, potentially, use this flaw to overwrite arbitrary files via a symlink attack...
Arbitrary File Overwrite
tar is vulnerable to arbitrary file overwrite. The vulnerability exists as a path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access...
Arbitrary File Overwrite
coolkey is vulnerable to arbitrary file overwrite. A local attacker could perform a symlink attack and cause arbitrary files to be overwritten...
CVE-2019-13173
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...
CVE-2019-16777
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...
npm: Global node_modules Binary Overwrite
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...
Apple macOS Catalina PackageKit Input Validation Vulnerability Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the PackageKit component of Apple macOS Catalina versions prior to 10.15.3. The vulnerability can be exploited by an attacker to overwrite arbitrary files with the...
CVE-2020-5324
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged...
Arbitrary file deletion
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged...
CVE-2020-5324
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged...