Lucene search

2671 matches found

RedhatCVE
added 2025/05/22 5:33 a.m. | 3 views

CVE-2012-4121

Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574...

CVSS 6.8 | AI score 6.9 | EPSS 0.0008
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 4:42 a.m. | 10 views

CVE-2010-4068

Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-2010-3714...

CVSS 7.1 | AI score 6.5 | EPSS 0.33647
Exploits: 7 | References: 1

RedhatCVE
added 2025/05/22 3:45 a.m. | 5 views

CVE-2012-5969

Multiple directory traversal vulnerabilities on the Huawei E585 device allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the PATHINFO of an sdcard/ request or (2) modify arbitrary files via a .. (dot dot) in the reqpage parameter to en/sms.cgi...

CVSS 4.8 | AI score 7.2 | EPSS 0.00068
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/21 7:30 p.m. | 7 views

CVE-2005-0576

Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files...

CVSS 3.6 | AI score 6.8 | EPSS 0.00054
Exploits: 0 | References: 1

Snyk
added 2025/05/20 6:50 p.m. | 1 view

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview: Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition during the image unpack process. An attacker can modify the host file system by exploiting the time gap between checking and using a file or resource. Workarounds: 1. Verify image integrity...

CVSS 9.6 | AI score 6.9 | EPSS 0.00063
Exploits: 0 | References: 2

NVD
added 2025/05/20 4:15 p.m. | 11 views

CVE-2025-48017

Improper limitation of pathname in Circuit Provisioning and File Import applications allows modification and uploading of files...

CVSS 9 | EPSS 0.00393
Exploits: 0 | References: 1

CVE
added 2025/05/20 3:14 p.m. | 38 views

CVE-2025-48017

CVE-2025-48017 concerns an improper pathname restriction in Schweitzer Engineering Laboratories’ SEL Series software, specifically within the Circuit Provisioning and File Import applications. The root cause is a lax restriction on pathnames that can permit modification and uploading of files, p...

CVSS 9 | AI score 9.2 | EPSS 0.00393
Exploits: 0 | References: 1

CNNVD
added 2025/05/20 12:00 a.m. | 4 views

Rapid7 AppSpider Pro Security Vulnerability

Rapid7 AppSpider Pro is a dynamic application security testing solution from Rapid7, Inc. that allows you to scan Web and mobile applications for vulnerabilities. A security vulnerability exists in Rapid7 AppSpider Pro versions prior to 7.5.018, which stems from a ScanName field stored cross-site...

CVSS 4.6 | AI score 6.4 | EPSS 0.00055
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/11 9:08 p.m. | 29 views

CVE-2025-4447

A flaw was found in Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8. A stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts...

CVSS 7 | AI score 7.2 | EPSS 0.00234
Exploits: 0 | References: 7

Vulnrichment
added 2025/05/08 12:16 p.m. | 11 views

CVE-2024-6648 Path Traversal in AP Page Builder

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an unauthenticated remote user to modify the 'productitempath' within the 'config' JSON file, allowing them to read any file on the system...

CVSS 8.7 | AI score 6.6 | EPSS 0.00294
Exploits: 1 | References: 1

NVD
added 2025/04/23 6:15 a.m. | 10 views

CVE-2025-1056

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released a patched version...

CVSS 6.5 | EPSS 0.00143
Exploits: 0 | References: 1

CVE
added 2025/04/23 5:18 a.m. | 58 views

CVE-2025-1056

CVE-2025-1056 affects Axis Camera Station Pro. A non-admin user can modify a specific file used by the server to create files or alter content in an admin-protected location. Axis has released a patched version; see Axis security advisory for details and remediation steps. The connected Red Hat, ...

CVSS 6.5 | AI score 6.8 | EPSS 0.00143
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/04/23 5:18 a.m. | 4 views

CVE-2025-1056

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released a patched version...

CVSS 6.1 | AI score 7 | EPSS 0.00143
Exploits: 0 | References: 1

Cvelist
added 2025/04/23 5:18 a.m. | 14 views

CVE-2025-1056

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released a patched version...

CVSS 6.1 | EPSS 0.00143
Exploits: 0 | References: 1

CNNVD
added 2025/04/23 12:00 a.m. | 1 view

AXIS Camera Station Pro Security Vulnerability

AXIS Camera Station Pro is a powerful and flexible video management and access control from Axis Sweden. AXIS Camera Station Pro has a security vulnerability that originates from the possibility that a non-administrative user could modify specific files, resulting in the creation or alteration of...

CVSS 6.1 | AI score 6.7 | EPSS 0.00143
Exploits: 0 | References: 1

BDU FSTEC
added 2025/04/23 12:00 a.m. | 2 views

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence Platform allows a hacker to modify arbitrary files and cause service interruptions.

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence Platform is related to errors in inherited permissions. Exploiting this vulnerability could allow attackers to modify arbitrary files and cause service failures...

CVSS 6.6 | AI score 5.6 | EPSS 0.00063
Exploits: 0 | References: 3

Positive Technologies
added 2025/04/23 12:00 a.m. | 3 views

PT-2025-17600 · Axis · Axis Camera Station Pro

Name of the Vulnerable Software and Affected Versions: AXIS Camera Station Pro (affected versions not specified). Description: A non-admin user can modify a specific file used by the server to create files or change the content of files in an admin-protected location. The issue was identified by...

CVSS 6.1 | AI score 6.1 | EPSS 0.00143
Exploits: 0 | References: 7

NVD
added 2025/04/08 4:15 p.m. | 10 views

CVE-2025-32018

Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the us...

CVSS 8 | EPSS 0.00258
Exploits: 0 | References: 1

CVE
added 2025/04/08 3:49 p.m. | 69 views

CVE-2025-32018

Cursor is an AI code editor. Versions 0.45.0–0.48.6 contain a regression that broadens the Cursor Agent’s file-modification permissions, allowing, under deliberate prompting (user or crafted context), automatic writes to files outside the opened workspace. The vulnerability can manifest when the ag...

CVSS 8 | AI score 7.1 | EPSS 0.00258
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/02 11:50 p.m. | 6 views

CVE-2025-31187

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system...

CVSS 5.5 | AI score 5.8 | EPSS 0.00081
Exploits: 0 | References: 1