1646 matches found

CNVD
added 2020/04/16 12:0 a.m. | 3 views

Microsoft Visual Studio Elevation of Privilege Vulnerability (CNVD-2020-24130)

Microsoft Visual Studio is a family of development tool suites from Microsoft, a largely complete set that includes most of the tools needed throughout the software lifecycle. An elevation of privilege vulnerability exists in Microsoft Visual Studio that stems from a failure of the Updater...

5.5 CVSS | 6.6 AI score | 0.0076 EPSS
Exploits: 0

CNVD
added 2020/04/16 12:0 a.m. | 3 views

Microsoft Windows Connected User Experiences and Telemetry Service elevation of privilege vulnerability (CNVD-2020-32585)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. Connected User Experiences and Telemetry Service is one of the components that can...

7.1 CVSS | 7.2 AI score | 0.00737 EPSS
Exploits: 0 | References: 1

CNVD
added 2020/04/15 12:0 a.m. | 3 views

SAP Netweaver Path Traversal Vulnerability

SAP Netweaver is a service-oriented integrated application platform from the German company SAP. The platform provides a development and runtime environment for SAP applications. A path traversal vulnerability exists in SAP NetWeaver Knowledge Management, which results from the program...

9.1 CVSS | 7 AI score | 0.01107 EPSS
Exploits: 0 | References: 1

CNVD
added 2020/04/13 12:0 a.m. | 2 views

Vastgota-Data ProVide Path Traversal Vulnerability

Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A security vulnerability exists in ajax/ImportCertificate in Vastgota-Data ProVide 13.1 and earlier versions. An attacker can exploit the vulnerability to load an arbitrary certificate in...

9.8 CVSS | 6.9 AI score | 0.00908 EPSS
Exploits: 1 | References: 1

Veracode
added 2020/04/10 1:3 a.m. | 28 views

Arbitrary File Overwrite

php is vulnerable to arbitrary file overwrite. The vulnerability exists because an off-by-one flaw was found in PHP. If an attacker uploaded a file with a specially-crafted file name, it could cause a PHP script to attempt to write a file to the root / directory. By default, PHP runs as the "apache"...

6.4 CVSS | 1.8 AI score | 0.19235 EPSS
Exploits: 1 | References: 24 | Affected Software: 1

Veracode
added 2020/04/10 12:59 a.m. | 22 views

Arbitrary File Overwrite

gcc is vulnerable to arbitrary file overwrite. The vulnerability exists because two directory traversal flaws were found in the way fastjar extracted JAR archive files. If a local, unsuspecting user extracted a specially-crafted JAR file, it could cause fastjar to overwrite arbitrary files writab...

2.6 CVSS | 3.4 AI score | 0.03365 EPSS
Exploits: 1 | References: 14 | Affected Software: 1

Veracode
added 2020/04/10 12:59 a.m. | 17 views

Arbitrary File Overwrite

gcc is vulnerable to arbitrary file overwrite. The vulnerability exists because two directory traversal flaws were found in the way fastjar extracted JAR archive files. If a local, unsuspecting user extracted a specially-crafted JAR file, it could cause fastjar to overwrite arbitrary files writab...

5.8 CVSS | 3.4 AI score | 0.03681 EPSS
Exploits: 1 | References: 18 | Affected Software: 1

Veracode
added 2020/04/10 12:41 a.m. | 27 views

Arbitrary File Overwrite

fence is vulnerable to arbitrary file overwrite. The pservershutdown function in fenceegenera allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

6.9 CVSS | 5.4 AI score | 0.00711 EPSS
Exploits: 0 | References: 19 | Affected Software: 2

Veracode
added 2020/04/10 12:36 a.m. | 23 views

Arbitrary File Overwrite

cman is vulnerable to arbitrary file overwrites. The vulnerability exists because multiple insecure temporary file use flaws were found in fenceapcsnmp and ccstool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with th...

6.9 CVSS | 2.8 AI score | 0.0039 EPSS
Exploits: 0 | References: 25 | Affected Software: 3

Veracode
added 2020/04/10 12:31 a.m. | 17 views

Arbitrary File Overwrite

openswan is vulnerable to arbitrary file overwrite. The vulnerability exists as Openswan's livetest script created temporary files in an insecure manner. A local attacker could use this flaw to overwrite arbitrary files owned by the user running the script...

4.4 CVSS | 2.5 AI score | 0.01115 EPSS
Exploits: 6 | References: 17 | Affected Software: 1

Veracode
added 2020/04/10 12:28 a.m. | 27 views

Arbitrary File Overwrite

xen is vulnerable to arbitrary file overwrite. The vulnerability exists as it was discovered that the qemu-dm.debug script created a temporary file in /tmp in an insecure way. A local attacker in Dom0 could, potentially, use this flaw to overwrite arbitrary files via a symlink attack...

6.9 CVSS | 3.3 AI score | 0.00319 EPSS
Exploits: 0 | References: 11 | Affected Software: 1

Veracode
added 2020/04/10 12:18 a.m. | 26 views

Arbitrary File Overwrite

tar is vulnerable to arbitrary file overwrite. The vulnerability exists as a path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access...

6.8 CVSS | 2.9 AI score | 0.02743 EPSS
Exploits: 1 | References: 40 | Affected Software: 1

Veracode
added 2020/04/10 12:14 a.m. | 28 views

Arbitrary File Overwrite

coolkey is vulnerable to arbitrary file overwrite. A local attacker could perform a symlink attack and cause arbitrary files to be overwritten...

3.3 CVSS | 3.4 AI score | 0.00301 EPSS
Exploits: 1 | References: 9 | Affected Software: 1

RedhatCVE
added 2020/04/06 10:58 a.m. | 16 views

CVE-2019-13173

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...

7.5 CVSS | 1.6 AI score | 0.02781 EPSS
Exploits: 0 | References: 4

RedhatCVE
added 2020/04/03 2:9 a.m. | 48 views

CVE-2019-16777

Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries from being overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...

7.7 CVSS | 1.7 AI score | 0.01984 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2020/02/24 12:55 p.m. | 3 views

npm: Global node_modules Binary Overwrite

Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries from being overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...

7.7 CVSS | 7.1 AI score | 0.01984 EPSS
Exploits: 0 | References: 4

CNVD
added 2020/02/24 12:0 a.m. | 2 views

Apple macOS Catalina PackageKit Input Validation Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in the PackageKit component of Apple macOS Catalina versions prior to 10.15.3. The vulnerability can be exploited by an attacker to overwrite arbitrary files with the...

3.6 CVSS | 6.6 AI score | 0.00326 EPSS
Exploits: 0 | References: 1

OSV
added 2020/02/21 3:15 p.m. | 5 views

CVE-2020-5324

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged...

4.4 CVSS | 5.9 AI score | 0.00252 EPSS
Exploits: 0 | References: 1

Prion
added 2020/02/21 3:15 p.m. | 20 views

Arbitrary file deletion

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged...

2.6 CVSS | 4.7 AI score | 0.00252 EPSS
Exploits: 0 | References: 1 | Affected Software: 113

Cvelist
added 2020/02/21 2:50 p.m. | 23 views

CVE-2020-5324

Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged...

7.1 CVSS | 6.8 AI score | 0.00252 EPSS
Exploits: 0 | References: 1