5215 matches found

Positive Technologies
added 2024/08/25 12:00 a.m. · 6 views

PT-2024-31512 · Byob · Byob

Name of the Vulnerable Software and Affected Versions: BYOB (Build Your Own Botnet) version 2.0
Description: An arbitrary file write issue in the exfiltration endpoint allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted...

CVSS 9.8 · AI score 7.2 · EPSS 0.05635
Exploits: 3 · References: 15

Snyk
added 2024/08/24 11:15 a.m. · 1 view

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: luigi is a package that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, handling failures, command line integration, and much more. Affected versions of this package are vulnerable to Arbitrary File Write via Archive...

CVSS 8.6 · AI score 8 · EPSS 0.01074
Exploits: 0 · References: 2

OSV
added 2024/08/21 3:29 p.m. · 15 views

GO-2022-0805 github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip) in github.com/u-root/u-root

github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip) in github.com/u-root/u-root...

CVSS 7.5 · AI score 7.5 · EPSS 0.0183
Exploits: 1 · References: 6

OSV
added 2024/08/21 3:29 p.m. · 11 views

GO-2022-0799 Arbitrary File Write via Archive Extraction in mholt/archiver in github.com/mholt/archiver

Arbitrary File Write via Archive Extraction in mholt/archiver in github.com/mholt/archiver...

CVSS 5.5 · AI score 5.4 · EPSS 0.0253
Exploits: 1 · References: 7

OSV
added 2024/08/21 3:21 p.m. · 17 views

GO-2022-0647 Arbitrary File Write in Libcontainer in github.com/docker/docker

Arbitrary File Write in Libcontainer in github.com/docker/docker...

CVSS 7.8 · AI score 7.6 · EPSS 0.00603
Exploits: 0 · References: 8

OSV
added 2024/08/21 2:30 p.m. · 13 views

GO-2022-0351 Arbitrary file write in nats-server in github.com/nats-io/nats-server

Arbitrary file write in nats-server in github.com/nats-io/nats-server...

CVSS 6.5 · AI score 6.4 · EPSS 0.02251
Exploits: 0 · References: 8

OSV
added 2024/08/21 2:30 p.m. · 10 views

GO-2023-2055 Terraform allows arbitrary file write during the `init` operation in github.com/hashicorp/terraform

Terraform allows arbitrary file write during the init operation in github.com/hashicorp/terraform...

CVSS 7.8 · AI score 6.8 · EPSS 0.00255
Exploits: 0 · References: 6

OSV
added 2024/08/21 2:17 p.m. · 20 views

GO-2023-2006 1Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel

1Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel...

CVSS 9.8 · AI score 8.6 · EPSS 0.00698
Exploits: 1 · References: 3

Positive Technologies
added 2024/08/19 12:00 a.m. · 5 views

PT-2024-30558 · Unknown · Mobile Security Framework

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework (MobSF) versions prior to 4.0.7
Description: The issue is related to a flaw in the Static Libraries analysis section of MobSF, specifically during the extraction of .a extension files. The measure intended to prevent Z...

CVSS 9.8 · AI score 7.9 · EPSS 0.00902
Exploits: 1 · References: 24

Veracode
added 2024/08/16 7:45 a.m. · 6 views

Arbitrary File Write

webcrack is vulnerable to Arbitrary File Write. The vulnerability is due to improper handling of path traversal sequences in module names within the file bundle.ts, which allows attackers to overwrite files on Windows systems when using the unpack bundles and saving features...

AI score 7
Exploits: 0

Vulnrichment
added 2024/08/15 2:31 p.m. · 21 views

CVE-2024-43373 webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVSS 7.7 · AI score 7.7 · EPSS 0.00447
Exploits: 1 · References: 3

Cvelist
added 2024/08/15 2:31 p.m. · 41 views

CVE-2024-43373 webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVSS 7.7 · EPSS 0.00447
Exploits: 1 · References: 3

CNNVD
added 2024/08/15 12:00 a.m. · 2 views

webcrack security vulnerability

webcrack is a tool for reverse engineering javascript by the individual developer j4k0xb. A security vulnerability exists in webcrack that originates from an arbitrary file write vulnerability in the webcrack module when processing specially crafted malicious code on Windows systems...

CVSS 7.8 · AI score 7 · EPSS 0.00447
Exploits: 1 · References: 4

Snyk
added 2024/08/14 12:35 p.m. · 0 views

Directory Traversal

Overview: magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Directory Traversal via the process handling file paths. A low-privileged attacker can access sensitive files outside the intended directory by submitting crafted path...

CVSS 8.3 · AI score 7.3 · EPSS 0.00911
Exploits: 0 · References: 2

Positive Technologies
added 2024/08/14 12:00 a.m. · 5 views

PT-2024-30537 · Webcrack · Webcrack

Name of the Vulnerable Software and Affected Versions: webcrack versions prior to 2.14.1
Description: An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack...

CVSS 7.8 · AI score 7.8 · EPSS 0.00447
Exploits: 1 · References: 14

BDU FSTEC
added 2024/08/14 12:00 a.m. · 8 views

The vulnerability of the administrative interface of the FortiADC application controller allows a perpetrator to gain access to write arbitrary files.

The vulnerability of the FortiADC application delivery controller’s administrative interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain write access to arbitrary files by sending specially crafted HTTP or HTTPS requests...

CVSS 6.8 · AI score 5.6 · EPSS 0.00338
Exploits: 0 · References: 4 · Affected Software: 1

Cvelist
added 2024/08/09 4:43 a.m. · 36 views

CVE-2024-7399

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority...

CVSS 8.8 · EPSS 0.91941
Exploits: 3 · References: 1

Vulnrichment
added 2024/08/09 4:43 a.m. · 28 views

CVE-2024-7399

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority...

CVSS 8.8 · AI score 7.2 · EPSS 0.91941
Exploits: 3 · References: 1

Github Security Blog
added 2024/08/05 9:29 p.m. · 24 views

Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

CVSS 8.1 · AI score 7.4 · EPSS 0.01596
Exploits: 1 · References: 8 · Affected Software: 1

OSV
added 2024/08/05 9:29 p.m. · 16 views

GHSA-H7CM-JVPP-69XF Meshery SQL Injection vulnerability

Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.22 may lead to arbitrary file write by using a SQL injection stacked queries payload, and the...

CVSS 6.1 · AI score 5.9 · EPSS 0.01552
Exploits: 1 · References: 7