CVE-2019-18309
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from...
Design/Logic Flaw
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from...
CVE-2019-18308
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from...
CVE-2019-18309
CVE-2019-18309 affects the SPPA-T3000 MS3000 Migration Server (all versions). A local attacker with a low-privilege account can escalate to root by manipulating specific files in the server’s local filesystem. The Red Hat and NVD entries reiterate that exploitation requires local access and that ...
[SECURITY] Fedora 30 Update: libtiff-4.0.10-7.fc30
The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...
Siemens SPPA-T3000 MS3000 Migration Server Incorrect Access Control Vulnerability
SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants. MS3000 Migration Server is one of the migration servers. A security vulnerability exists in the Siemens SPPA-T3000 MS3000 Migration Server. It allows an attacker with local...
Siemens SPPA-T3000 MS3000 Migration Server Incorrect Access Control Vulnerability (CNVD-2019-45386)
SPPA-T3000 is a distributed control system mainly used in thermal power plants and large-scale renewable energy power plants. MS3000 Migration Server is one of the migration servers. A security vulnerability exists in the Siemens SPPA-T3000 MS3000 Migration Server. It allows an attacker with local...
CVE-2019-18253
An attacker could use specially crafted paths in a specific request to read or delete files from Relion 670 Series versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior outside the intended directory...
Nextcloud: SSRF on local storage of iOS mobile
The tester uploaded the text file, containing the "test ssrf" message, in order to prove the SSRF attack. 2. Next, the tester uploaded the common file and then manipulated the content and extension of the file to html format in order to find the application path: 3. The tester accessed that file and found the...
Multiple QNAP Products NAS-201911-25 Multiple Security Vulnerabilities
Description: Multiple QNAP products are prone to multiple security vulnerabilities. An attacker can exploit these issues to gain unauthorized access to the affected device, inject and execute arbitrary code and read or write arbitrary files on the device. Technologies Affected: Qnap Photo Station...
Design/Logic Flaw
rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr...
CVE-2019-18370
An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh...
Solaris 11.4 - xscreensaver Privilege Escalation
Solaris 11.4 - xscreensaver Privilege Escalation @Mediaservice.net Security Advisory 2019-02 last updated on 2019-10-16 Title: Local privilege escalation on Solaris 11.x via xscreensaver Application: Jamie Zawinski's xscreensaver 5.39 distributed with Solaris 11.4 Jamie Zawinski's xscreensaver 5....
CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation
Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Point Endpoint Security VPN = E80.87 Build 986009514 Version: Check Point ZoneAlarm =...
CVE-2019-17050
CVE-2019-17050 affects the Voyager package for Laravel up to version 1.2.7. An attacker with admin privileges and Compass access can read or delete arbitrary files, including the .env file. The public references cite this issue and note a suggested mitigation: disable Compass in production. The c...
CVE-2019-11736
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...
Race condition
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...
Design/Logic Flaw
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents...