CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2022/11/04 12:0 a.m.•3 views

Watchdog Antivirus 安全漏洞

Watchdog Antivirus is an anti-malware program from Watchdog. Designed to neutralize viruses, trojans, rootkits, worms, spyware and adware. A security vulnerability exists in Watchdog Antivirus version v1.4.158, which stems from incorrect access control in the anti-virus driver wsdkd.sys, allowing...

6.5CVSS6.6AI score0.00639EPSS

Exploits1References2

Tenable Nessus•added 2022/11/04 12:0 a.m.•24 views

Amazon Linux 2022 : gzip (ALAS2022-2022-188)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-188 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's...

Tenable Nessus•added 2022/11/04 12:0 a.m.•40 views

Exploits0References3

Amazon Linux 2022 : xz, xz-devel, xz-libs (ALAS2022-2022-187)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-187 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's...

Positive Technologies•added 2022/11/04 12:0 a.m.•4 views

Exploits0References3

PT-2022-24470 · Unknown · Watchdog Anti-Virus

Name of the Vulnerable Software and Affected Versions: Watchdog Antivirus version 1.4.158 Description: The issue is related to incorrect access control in the anti-virus driver wsdkd.sys, which allows attackers to write arbitrary files. Recommendations: For Watchdog Antivirus version 1.4.158,...

6.5CVSS6.3AI score0.00639EPSS

Exploits1References4

CVE•added 2022/10/26 2:1 p.m.•58 views

CVE-2022-20955

The CVE-2022-20955 issue affects Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software. The root cause is improper access controls on local file system assets and the CLI, enabling authenticated, local attackers to overwrite arbitrary files via symbolic links and to pe...

7.1CVSS6.4AI score0.00413EPSS

Exploits0References1Affected Software2

Cvelist•added 2022/10/26 2:0 p.m.•16 views

CVE-2022-20954 Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the...

5.5CVSS7.2AI score0.00413EPSS

ATTACKERKB•added 2022/10/19 4:0 p.m.•4 views

CVE-2022-20776

6.7CVSS6.7AI score0.00452EPSS

Cisco•added 2022/10/19 4:0 p.m.•31 views

Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities

5.5CVSS6.4AI score0.0066EPSS

Positive Technologies•added 2022/10/19 12:0 a.m.•5 views

PT-2022-5341 · Cisco · Cisco Roomos +1

Name of the Vulnerable Software and Affected Versions: Cisco TelePresence Collaboration Endpoint CE Software affected versions not specified Cisco RoomOS Software affected versions not specified Description: The issue is related to incorrect directory path restriction in the xAPI component of the...

6.7CVSS6.4AI score0.00452EPSS

Exploits0References6

OSV•added 2022/10/14 8:15 p.m.•2 views

CVE-2022-38424

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system write. Exploitation of this issue does not require user interaction, bu...

7.2CVSS5.9AI score

Tenable Nessus•added 2022/10/10 12:0 a.m.•27 views

EulerOS Virtualization 3.0.6.0 : gzip (EulerOS-SA-2022-2563)

According to the versions of the gzip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file nam...

Tenable Nessus•added 2022/10/10 12:0 a.m.•25 views

EulerOS Virtualization 3.0.6.0 : xz (EulerOS-SA-2022-2597)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

Tenable Nessus•added 2022/10/09 12:0 a.m.•21 views

EulerOS Virtualization 3.0.6.6 : gzip (EulerOS-SA-2022-2505)

ATTACKERKB•added 2022/10/07 3:15 p.m.•2 views

CVE-2022-39858

Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege...

7.8CVSS5.9AI score0.00216EPSS

Veracode•added 2022/10/07 12:59 a.m.•33 views

Arbitrary File Write

Jenkins Pipeline is vulnerable to Arbitrary File Write. The vulnerability exists because of using parameter name without sanitization as a relative path inside a build-related directory which allows an attacker to configure Pipelines to create or replace arbitrary files on the Jenkins controller...

7.5CVSS7.5AI score0.01456EPSS

Exploits0References4Affected Software1

CNNVD•added 2022/10/07 12:0 a.m.•4 views

SAMSUNG Mobile devices 路径遍历漏洞

SAMSUNG Mobile devices are a series of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung. A path traversal vulnerability exists in SAMSUNG Mobile devices version 3.5.51, which stems from a path traversal vulnerability in AtBroadcastReceiver in...

7.8CVSS7.5AI score0.00216EPSS