Huawei EulerOS: Security Advisory for gzip (EulerOS-SA-2022-2109)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for xz (EulerOS-SA-2022-2124)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gzip (EulerOS-SA-2022-2089)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.1 : xz (EulerOS-SA-2022-2124)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - gzip: arbitrary-file-write vulnerability CVE-2022-1271 Note that Tenable Network Security has extracted the preceding description blo...

Huawei EulerOS: Security Advisory for gzip (EulerOS-SA-2022-1968)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gzip (EulerOS-SA-2022-1998)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for xz (EulerOS-SA-2022-1985)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for xz (EulerOS-SA-2022-2015)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : gzip (EulerOS-SA-2022-1968)

According to the versions of the gzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, ...

EulerOS 2.0 SP9 : gzip (EulerOS-SA-2022-1998)

According to the versions of the gzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, ...

EulerOS 2.0 SP9 : xz (EulerOS-SA-2022-1985)

According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a...

EulerOS 2.0 SP9 : xz (EulerOS-SA-2022-2015)

According to the versions of the xz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a...

postgresql-jdbc: Arbitrary File Write Vulnerability

A flaw was found in Postgres JDBC. This flaw allows an attacker to use a method to write arbitrary files through the connection properties settings. For example, an attacker can create an executable file under the server the application is running and make it a new part of the application or serv...

Oracle Linux 9 : xz (ELSA-2022-4940)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4940 advisory. 5.2.5-8 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271 Tenable has extracted the preceding description block directly from the Oracle Linux...

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

gzip security update

1.10-9 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...

xz security update

5.2.5-8 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...

AnyDesk 7.0.9 Arbitrary File Write / Denial Of Service Vulnerabilities

Exploit Title: AnyDesk allow arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine Exploit Author: Erwin Chan Vendor Homepage: https://anydesk.com/en Software Link: https://anydesk.com/en Version: 7.0.9 Tested on: Windows 11 It was found that AnyDesk versi...

Arbitrary template creation leading to Authenticated Remote Code Execution

Description Arbitrary File Write Reproduction Steps: 1. As a low privileged user, Create a new recipe and click on the "+" to add a New Asset. 2. Select a file, then proxy the request that will create the asset. 3. Update the values in the POST request to the ones shown below: POST...

AnyDesk 7.0.9 Arbitrary File Write / Denial Of Service

Exploit Title: AnyDesk allow arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine Google Dork: if applicable Date: 24/5/2022 Exploit Author: Erwin Chan Vendor Homepage: https://anydesk.com/en Software Link: https://anydesk.com/en Version: 7.0.9 Tested on:...