CVE-2023-42661
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
Input validation
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
CVE-2023-42661 JFrog Artifactory Improper input validation leads to arbitrary file write
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts...
CVE-2023-42661
JFrog Artifactory before version 7.76.2 is affected by an Arbitrary File Write vulnerability due to insufficient validation of artifacts. The issue allows an authenticated user to cause DoS or Remote Code Execution by sending a specially crafted sequence of requests. Affected product: JFrog Artif...
JFrog Artifactory Input Validation Error Vulnerability
JFrog Artifactory is an open source, general-purpose Artifact repository manager from Israel's JFrog that supports clustering and high-availability Docker registries, and provides an end-to-end automation solution for tracking artifacts from development to production. An input validation error...
BIT-PRESTASHOP-2023-39526 PrestaShop SQL manager vulnerability (potential RCE)
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds...
PT-2024-2338 · Nessus · Nessus
Name of the Vulnerable Software and Affected Versions: Nessus (affected versions not specified). Description: The issue is related to a vulnerability in a Nessus plugin, which could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem locati...
GL.iNet AR300M v4.3.7 Arbitrary File Read Exploit
#!/usr/bin/env python3 Exploit Title: GL.iNet <= 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
Important: cpio
Issue Overview: cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. (CVE-2015-1197) Affected Packages: cpio. Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ...
GL.iNet AR300M 4.3.7 Arbitrary File Write
#!/usr/bin/env python3 Exploit Title: GL.iNet <= 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
openSUSE: Security Advisory for sudo (SUSE-SU-2023:0114-1)
The remote host is missing an update for the...
GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit
#!/usr/bin/env python3 Exploit Title: GL.iNet <= 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
CentOS 9 : sudo-1.9.5p2-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sudo-1.9.5p2-9.el9 build changelog. - arbitrary file write with privileges of the RunAs user (CVE-2023-22809) Note that Nessus has not tested for this issue but has instead relied only on...
CentOS 9 : xz-5.2.5-8.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the xz-5.2.5-8.el9 build changelog. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a...
CentOS 9 : libreoffice-7.1.8.1-11.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libreoffice-7.1.8.1-11.el9 build changelog. - Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an...
CVE-2024-27081 ESPHome remote code execution via arbitrary file write
ESPHome is a system to control your ESP8266/ESP32. A security misconfiguration in the edit configuration file API in the dashboard component of ESPHome version 2023.12.9 command line installation allows authenticated remote attackers to read and write arbitrary files under the configuration...
Indu-Sol PROFINET-INspektor NT Security Vulnerability
The Indu-Sol PROFINET-INspektor NT is an analysis and test set for PROFINET communication verification, acceptance, quality checking and monitoring from Indu-Sol, Germany. A security vulnerability exists in Indu-Sol PROFINET-INspektor NT version 2.4.0 and earlier, which stems from a path traversa...
Important: atril
Issue Overview: Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem ...
Amazon Linux 2 : atril (ALASMATE-DESKTOP1.X-2024-006)
The version of atril installed on the remote host is prior to 1.20.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2024-006 advisory. Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and...