Apple macOS Catalina Arbitrary File Overwrite Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Catalina versions prior to 10.15.2, which stems from a parsing issue when handling directory paths. An attacker can exploit the vulnerability to...
npm: Global node_modules Binary Overwrite
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries from being overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...
Arbitrary File Overwrite Vulnerability in Motrix Windows Version
Motrix is an open-source, free, all-in-one downloader with a very clean and minimalist interface. An arbitrary file overwrite vulnerability exists in the Windows version of Motrix, which can be exploited by attackers to compromise the integrity of a system...
Symlink Attack
pear/archivetar is vulnerable to symlink attacks. The symlinks are allowed by default, which would allow an attacker to compress files containing malicious filenames which, when extracted, would cause arbitrary overwrite of files...
UBUNTU-CVE-2019-16777
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries from being overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...
Adobe Reader DC JavaScript AnnotsString Object Arbitrary Overwrite Restrictions Bypass Vulnerability
This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AnnotsString...
PYSEC-2018-99
pyro before 3.15 unsafely handles pid files in temporary directory locations and opens the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks...
Null pointer dereference
On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...
Samba Arbitrary File Write Vulnerability
Samba is free software that allows UNIX operating systems to link with the SMB/CIFS network protocol of the Microsoft Windows operating system. A security vulnerability exists in Samba that allows remote attackers to exploit the vulnerability to submit special requests to arbitrarily write or...
Arbitrary Archive File Overwrite
Borg aka BorgBackup has a flaw in the way of processing duplicate archive names during manifest recovery. When rebuilding the manifest which should only be needed very rarely, duplicate archive names would be handled on a "first come first serve" basis, allowing an attacker to arbitrarily overwri...
wget: arbitrary file overwrite
GNU Wget, when supplied with a malicious website link, can be tricked into saving an arbitrary remote file supplied by an attacker, with arbitrary content and filename under the current directory. This can lead to potential code execution by creating system scripts such as .bash_profile and others...
IBM TSM FastBack Mount Service Arbitrary Overwrite Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Fastback. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Mount service FastBackMount.exe. This process listens by defau...
Immunity Canvas: MS07_067
Name | ms07067
---|---
CVE | CVE-2007-5587
Exploit Pack | CANVAS
Description | Macrovision SecDrv.sys Arbitrary Overwrite
Notes | References: www.microsoft.com/technet/security/Bulletin/MS07-067.mspx CVE Name: CVE-2007-5587 VENDOR: Microsoft MSADV: MS07-067 Date public: 10/17/07 CVE Url:...
CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow
CSIS Security Group has discovered a remotely exploitable arbitrary overwrite in the Blue Coat K9 Web Protection local Web configuration manager on 127.0.0.1 and port 2372. This allows an attacker to cause at least a Denial of Service condition on the use of the internet. Since the overflow can...
xine-lib arbitrary file overwrite
From the xinehq advisory: By opening a malicious MRL in any xine-lib based media player, an attacker can write arbitrary content to an arbitrary file, only restricted by the permissions of the user running the application. The flaw is a result of a feature that allows MRLs media resource locator...