5164 matches found
CLSA-2022-1660759048 Fixed CVE-2022-29154 in rsync
CVE-2022-29154: fix arbitrary file write vulnerability via malicious rysnc server MITM attack...
CLSA-2022-1660756974 Fixed CVE-2022-29154 in rsync
CVE-2022-29154: fix arbitrary file write vulnerability via malicious rysnc server MITM attack...
SUSE-SU-2022:2825-1 Security update for rsync
This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write when connecting to a malicious server bsc1201840...
PT-2022-4468 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
SUSE-FU-2022:2794-1 Feature update for ongres-scram, ongres-stringprep, postgresql-jdbc
This feature update for ongres-scram, ongres-stringprep, postgresql-jdbc provides: ongres-scram: - Upgrade from version 1.0.0-beta.2 to version 2.1. jscSLE-23994 Add standard SASLPrep bsc1196693, jscSLE-23994 Failover to bouncy castle implementation of PBKDF2WithHmacSHA256 to support Oracle JDK 7...
CVE-2022-29154
An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A...
rsync -- client-side arbitrary file write vulnerability
Openwall oss-security reports: We have discovered a critical arbitrary file write vulnerability in the rsync utility that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. Due to...
Directory Traversal
Overview std/path/filepath is a Go standard library package std/path/filepath Affected versions of this package are vulnerable to Directory Traversal. Go Vulnerability Report: On Windows, the filepath.Clean function can convert certain invalid paths to valid, absolute paths, potentially allowing ...
CVE-2022-36987
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server...
CVE-2022-36987
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server...
CVE-2022-36990
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from...
Code injection
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server...
GHSA-6XF5-C3CX-67PV Arbitrary file write vulnerability in Jenkins CLIF Performance Testing plugin
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...
Arbitrary file write vulnerability in Jenkins CLIF Performance Testing plugin
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...
CVE-2022-36894
CVE-2022-36894 concerns an arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin (64.vc0d66de1dfb_f and earlier). The issue allows attackers with Overall/Read permissions to create or replace arbitrary files on the Jenkins controller filesystem with content of their choosi...
CVE-2022-36894
An arbitrary file write vulnerability in Jenkins CLIF Performance Testing Plugin 64.vc0d66de1dfbf and earlier allows attackers with Overall/Read permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...