Aruba Instant Arbitrary File Modification Vulnerability
Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant suffers from an arbitrary file modification vulnerability that can be exploited by an attacker via a command line interface to overwrite arbitrary files with content under their control...
Aruba Instant Arbitrary File Modification Vulnerability (CNVD-2021-26048)
Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant suffers from an arbitrary file modification vulnerability that can be exploited by an attacker via the Web UI to overwrite arbitrary files with content under their control...
CVE-2021-25148
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba h...
CVE-2021-25148
CVE-2021-25148 affects Aruba Instant IAP devices. A remote arbitrary file modification vulnerability exists in Aruba Instant 6.5.x (≤6.5.4.17), 8.3.x (≤8.3.0.13), 8.5.x (≤8.5.0.10), and 8.6.x (≤8.6.0.4). The underlying issue allows an attacker to overwrite or modify files via remote interfaces (C...
Aruba Access Points Input Validation Error Vulnerability
Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant suffers from an arbitrary file modification vulnerability that can be exploited by an attacker via a command line interface to overwrite arbitrary files with content under their control...
Aruba Instant Access Point Input Validation Error Vulnerability
Aruba Access Points is a wireless network from Aruba USA. It provides Internet access. A security vulnerability exists in Aruba Instant Access Points, which can be exploited by an attacker to remotely modify arbitrary files. The following products and versions are affected: Aruba Instant 6.4.x:...
Aruba Access Points Input Validation Error Vulnerability
Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant suffers from an arbitrary file modification vulnerability that can be exploited by an attacker via the Web UI to overwrite arbitrary files with content under their control...
PT-2021-9022 · Red Hat · Operator-Framework/Presto
Name of the Vulnerable Software and Affected Versions: operator-framework/presto as shipped in Red Hat OpenShift 4 (affected versions not specified). Description: The issue is related to an insecure modification vulnerability in the /etc/passwd file. An attacker with access to the container could...
PT-2021-2447 · Cisco · Cisco Access Points
Name of the Vulnerable Software and Affected Versions: Cisco Access Points Software (affected versions not specified). Description: A vulnerability in the boot logic of Cisco Access Points Software could allow an authenticated, local attacker to execute unsigned code at boot time. The issue is due t...
F5 BIG-IP Cross-Site Scripting Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. The F5 BIGIP TMUI Remote Command Execution vulnerability can be exploited by an attacker to execute arbitrary system commands,...
SUSE-SU-2021:0722-1 Security update for crmsh
This update for crmsh fixes the following issues: - Update to version 4.1.0+git.1614156984.f4f5e146: Fix: hbreport: walk through hbreport process under hacluster CVE-2020-35459, bsc1179999; CVE-2021-3020, bsc1180571 Fix: bootstrap: setup authorized ssh access for hacluster CVE-2020-35459, bsc117999...
ant: insecure temporary file vulnerability
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches Security Vulnerability
Cisco NX-OS Software and so on are products of Cisco Corporation. Cisco NX-OS Software is a set of data center-grade operating system software used by switches. Cisco Nexus 3000 Series Switches is a 3000 series switch. Cisco Nexus 9000 Series Switches is a 9000 series switch. A security vulnerabilit...
CVE-2021-23876
Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware...
CVE-2021-23876 McAfee Total Protection (MTP) Bypass Remote Procedure call vulnerability
Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware...
PT-2021-15578 · McAfee · McAfee Total Protection
Name of the Vulnerable Software and Affected Versions: McAfee Total Protection versions prior to 16.0.30. Description: The issue allows a local user to bypass Remote Procedure Call in McAfee Total Protection, gaining elevated privileges and performing arbitrary file modification as the SYSTEM user...
JTopCMS Backend Logic Flaw Vulnerability of Hefei Mingjing Information Technology Co.
JTopCMS is an open source web management system based on the JavaEE standard, used to manage site content. A back-end logic flaw exists in JTopCMS from Hefei Mingjing Information Technology Co., Ltd.; attackers can use the vulnerability to modify the file suffix...
CVE-2020-10553
An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...
Design/Logic Flaw
An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen aka screensaver of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify...
CVE-2020-35513
A flaw (incorrect umask during file or directory modification) was found in the Linux kernel NFS (network file system) functionality, in the way a user creates and deletes objects using NFSv4.2 or newer while the NFS is simultaneously accessed by another process that is not using the new NFSv4.2. A user with...