5211 matches found
yaffshiv path traversal vulnerability
yaffshiv is a simple YAFFS filesystem parser and extractor by the individual developer devttys0. A security vulnerability exists in yaffshiv. An attacker can exploit this vulnerability to write arbitrary files outside of the extraction directory by crafting a malicious YAFFS file...
VulnCheck KEV: CVE-2020-6008
LifterLMS WordPress plugin versions below 3.37.15 are vulnerable to arbitrary file write leading to remote code execution...
CentOS: Security Advisory for sudo (CESA-2023:0291)
The remote host is missing an update for the...
sudo security update
CentOS Errata and Security Advisory CESA-2023:0291 An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
EulerOS Virtualization 3.0.2.2 : gzip (EulerOS-SA-2023-1258)
According to the versions of the gzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file nam...
Arbitrary file write in net.mingsoft:ms-mcms
MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...
GHSA-65V6-3C9M-HMRP Arbitrary file write in net.mingsoft:ms-mcms
MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...
CVE-2022-47042
MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.10013)
The version of AHV installed on the remote host is prior to 20220304.10013. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.10013 advisory. - In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. (CVE-2022-25315) - In Expat...
CVE-2022-47042
CVE-2022-47042 affects MingSoft MCMS v5.2.10 and earlier. The vulnerability is an arbitrary file write via the component path ms/template/writeFileContent.do. Root cause described as an unrestricted file write in that endpoint, enabling an attacker to write arbitrary files. The CVSS 3.1 base met...
PT-2023-15143 · Mcms · Mcms
Name of the Vulnerable Software and Affected Versions: MCMS versions 5.2.10 and below Description: The issue allows for an arbitrary file write via the ms/template/writeFileContent.do endpoint. Recommendations: For MCMS versions 5.2.10 and below, at the moment, there is no information about a new...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
sudo: arbitrary file write with privileges of the RunAs user
A vulnerability was found in sudo. Exposure in how sudoedit handles user-provided environment variables leads to arbitrary file writing with privileges of the RunAs user (usually root). The prerequisite for exploitation is that the current user must be authorized by the sudoers policy to edit a fil...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...