
2495 matches found

NVD
added 2017/02/01 8:59 p.m. | 16 views

CVE-2016-0394

IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that could allow a local attacker to manipulate certain files...

3.3 CVSS | 3.8 AI score | 0.0028 EPSS
Exploits 0 | References 2
OSV
added 2017/01/23 9:59 p.m. | 34 views

CVE-2016-9380

The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file...

7.5 CVSS | 6.6 AI score
Exploits 0 | References 6
UbuntuCve
added 2017/01/23 9:59 p.m. | 35 views

CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

7.9 CVSS | 7.2 AI score | 0.00437 EPSS
Exploits 0 | References 2
0day.today
added 2017/01/23 12:0 a.m. | 26 views

PHP 7.1.0 / 5.6.29 missing null byte checks for paths in ZipArchive::extractTo Vulnerability

Exploit for php platform in category dos / poc. Description: ZipArchive-extractTo doesn’t ensure that pathnames lack NULL byte, which might allow attacker to manipulate the directory path. Affected method: static ZIPARCHIVEMETHODextractTo...

7 AI score
Exploits 0
wpexploit
added 2017/01/04 12:0 a.m. | 11 views

ByREV WP-PICShield - Cross-Site Request Forgery (CSRF)

The ByREV WP-PICShield WordPress plugin is vulnerable to CSRF. When updating the plugin options, several parameters in the issued POST request are written directly to the .htaccess file within the WordPress root directory. An attacker may be able to insert arbitrary lines into the .htaccess file,...

7.2 AI score
Exploits 0
CVE
added 2016/12/29 9:2 a.m. | 64 views

CVE-2016-7462

CVE-2016-7462 affects VMware vRealize Operations (vROps) 6.x prior to 6.4.0. The REST API deserialization vulnerability allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload mishandled during deserialization. VM...

8.5 CVSS | 7.9 AI score | 0.02045 EPSS
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2016/12/28 8:54 a.m. | 25 views

Remote File Manipulation Via Deserialization

Apache Wicket is vulnerable to remote file manipulation via Java deserialization. It allows an attacker to add, move, and delete files that Apache DiskFileItem has access to. Additionally, if an older Java VM is running, the attacker can control the filename because the NULL byte check doesn't...

9.1 CVSS | 9.3 AI score | 0.08464 EPSS
Exploits 0 | References 1 | Affected Software 1
Prion
added 2016/12/24 11:59 a.m. | 14 views

Directory traversal

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove...

7.5 CVSS | 7 AI score | 0.01919 EPSS
Exploits 0 | References 3 | Affected Software 1
Prion
added 2016/12/24 11:59 a.m. | 13 views

Directory traversal

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id aka dir parameter, related to browser/directory/getlist...

7.5 CVSS | 7 AI score | 0.01762 EPSS
Exploits 0 | References 3 | Affected Software 1
NVD
added 2016/12/24 11:59 a.m. | 13 views

CVE-2016-10039

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles...

7.5 CVSS | 7 AI score | 0.01762 EPSS
Exploits 0 | References 3
NVD
added 2016/12/24 11:59 a.m. | 13 views

CVE-2016-10038

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove...

7.5 CVSS | 7 AI score | 0.01919 EPSS
Exploits 0 | References 3
CVE
added 2016/12/24 11:0 a.m. | 46 views

CVE-2016-10039

MODX Revolution is affected by CVE-2016-10039 (pre-2.5.2-pl). A directory traversal flaw exists in /connectors/index.php where a crafted dir parameter can cause local file inclusion/traversal/manipulation. The vulnerability is exploitable remotely via standard network access and is tied to the br...

7.5 CVSS | 7 AI score | 0.01762 EPSS
Exploits 0 | References 3 | Affected Software 1
CVE
added 2016/12/24 11:0 a.m. | 45 views

CVE-2016-10037

MODX Revolution

7.5 CVSS | 6.9 AI score | 0.01762 EPSS
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2016/12/24 11:0 a.m. | 16 views

CVE-2016-10038

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove...

7 AI score | 0.01919 EPSS
Exploits 0 | References 3
Prion
added 2016/12/15 6:59 a.m. | 15 views

Design/Logic Flaw

An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The aria-label parameter of tiles at the Portal can be used to inject script code. Those labels use the name of the file e.g. an image which gets displayed at the portal application. Using script code at the file name leads t...

3.5 CVSS | 7.6 AI score | 0.00733 EPSS
Exploits 1 | References 2 | Affected Software 1
NVD
added 2016/12/05 8:59 a.m. | 16 views

CVE-2016-9156

A vulnerability in Siemens SICAM PAS all versions before V8.09 could allow a remote attacker to upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP...

7.5 CVSS | 7.6 AI score | 0.01513 EPSS
Exploits 0 | References 2
CVE
added 2016/12/05 8:9 a.m. | 57 views

CVE-2016-9156

Siemens SICAM PAS is affected (all versions prior to 8.09). A remote attacker could upload, download, or delete files in certain parts of the file system by sending specially crafted packets to port 19235/TCP. Mitigation: upgrade SICAM PAS to version 8.09 or later; apply network access controls t...

7.5 CVSS | 7.5 AI score | 0.01513 EPSS
Exploits 0 | References 2 | Affected Software 1
ThreatPost
added 2016/11/22 9:55 a.m. | 6 views

WordPress Plugins Leave Online Shoppers Vulnerable

Researchers are calling into question the safety of some of the top WordPress e-commerce plugins used on over 100,000 commercial websites prepping for Black Friday and Cyber Monday online sales. In reviewing the top 12 WordPress e-commerce plugins, application security testing firm Checkmarx foun...

7.6 AI score
Exploits 0 | References 6
Tenable Nessus
added 2016/11/18 12:0 a.m. | 11 views

Atlassian Crucible Server < 3.10.0 Multiple Vulnerabilities

Binary data 9782.prm...

7.3 AI score
Exploits 0 | References 1
Mozilla
added 2016/11/15 12:0 a.m. | 44 views

Security vulnerabilities fixed in Firefox ESR 45.5 — Mozilla

A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. Thi...

9.8 CVSS | 9 AI score | 0.12416 EPSS
Exploits 5 | References 9 | Affected Software 1