Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...
Comodo Antivirus multiple vulnerabilities exposed - vulnerability warning - the black bar safety net
Comodo is a software company located in the United States, headquartered in Jersey City and established in 1998; it is a world-renowned IT security service provider and SSL certificate provider. Researchers at Comodo Antivirus / Comodo Antivirus Advanced and other products found in the...
kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp`
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is...
Comodo Antivirus / Internet Security Multiple Vulnerabilities
The version of the Comodo security product installed on the remote Windows host is affected by multiple vulnerabilities: - A Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can th...
Comodo Security Solutions Antivirus Arbitrary File Write Vulnerability
Comodo Security Solutions Antivirus is a suite of antivirus software from the American company Comodo Security Solutions. The software is mainly used to protect against computer viruses, malware and other Internet threats. A security vulnerability exists in Comodo Security Solutions Antivirus...
b3log Wide Arbitrary File Read/Write Vulnerability
b3log Wide is a web-based integrated development environment (IDE) for the Go language. An arbitrary file read/write vulnerability exists in versions of b3log Wide prior to 1.6.0, which can be exploited by an attacker to access arbitrary files...
CVE-2019-3970
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data direct...
Code injection
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data direct...
CVE-2019-3970
CVE-2019-3970 affects Comodo Antivirus up to 12.0.0.6810. The vulnerability arises from Cavwp.exe loading the antivirus definition database into unsecured global section objects, enabling a local, low-privileged process to modify the in-memory data and alter virus signatures. Impact described in ...
CVE-2019-10352
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...
Path traversal
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...
EUVD-2022-5019
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...
CVE-2019-10352
CVE-2019-10352 describes a path-traversal flaw in Jenkins core up to version 2.185 and LTS up to 2.176.1, in FileParameterValue.java, allowing attackers with Job/Configure permission to define a file parameter whose name escapes the intended directory. This can lead to arbitrary file writes on th...
Unspecified vulnerability in deepin-clone (CNVD-2019-23972)
deepin-clone is a disk and partition backup/recovery tool. A security vulnerability exists in deepin-clone versions prior to 1.1.3. An attacker can exploit the vulnerability to create or overwrite files at arbitrary locations on the file system...
Unspecified vulnerability in deepin-clone (CNVD-2019-23981)
deepin-clone is a disk and partition backup/recovery tool. A security vulnerability exists in deepin-clone versions prior to 1.1.3. An attacker can exploit the vulnerability to create or overwrite files anywhere on the file system...
CVE-2019-1894 Cisco Enterprise NFV Infrastructure Software Arbitrary File Read and Write Vulnerability
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite or read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to improper input validation...