2666 matches found
CVE-2018-20892
cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling SEC-439...
CVE-2018-20888
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication SEC-424...
CVE-2018-20888
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication SEC-424...
Authentication flaw
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication SEC-424...
CVE-2018-20888
CVE-2018-20888 affects cPanel prior to 74.0.0, where an incorrect HTTP authentication context allows file modification by the root account. This is a local vulnerability with impact on integrity (as per the mounted CVSS data) and does not appear to have publicly documented exploitation details or...
CVE-2018-20888
cPanel before 74.0.0 allows file modification in the context of the root account because of incorrect HTTP authentication SEC-424...
cPanel Access Control Error Vulnerability
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An access control error vulnerability exists in cPanel versions prior to 80.0.5, which can be exploited by an attacker to modify...
CVE-2019-14397
cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call SEC-496...
CVE-2019-14397
cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call SEC-496...
The vulnerability of the virDomainManagedSaveDefineXML function in the libvirtd library allows a hacker to modify any files they desire.
The vulnerability of the virDomainManagedSaveDefineXML function in the libvirtd library is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to modify arbitrary files by sending a specially crafted request...
F5 BIG-IP Permission License and Access Control Issues Vulnerability (CNVD-2019-32034)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A vulnerability exists in F5 BIG-IP with privilege permission and access control issues. An attacker can exploit this...
HP Support Assistant elevation of privilege vulnerability (CNVD-2019-23307)
HP Support Assistant is a utility program included in all HP computers to diagnose technical problems and manage updates. An elevation of privilege vulnerability exists in HP Support Assistant 8.7.50 and earlier versions. An attacker could use this vulnerability to gain system privileges and make...
CVE-2019-6328
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329...
CVE-2019-6328
HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6329...
CVE-2019-6328
CVE-2019-6328 affects HP Support Assistant 8.7.50 and earlier. Connected exploit details describe a local privilege escalation via the HP Support Framework service: the HPSAObjUtil8 component changes permissions of XML files under C:\ProgramData\Hewlett-Packard\HP Support Framework\Logs\Temp\HPSA...
HPSBGN03620 rev. 4 - HP Support Assistant Escalation of Privilege Vulnerability
Potential Security Impact Elevation of privilege and unauthorized modification of directories or files. Source: HP, HP Product Security Response Team PSRT Reported by: Philippe Laulheret McAfee Advanced Threat Research, ManhNDd Bkav Corporation VULNERABILITY SUMMARY The vulnerability allows a use...
CVE-2019-12289
An issue was discovered in upgradefirmware.cgi on VStarcam 100T C7824WIP CH-sys-48.53.75.119123 and 200V C38S CH-sys-48.53.203.119123 devices. A remote command can be executed through a system firmware update without authentication. The attacker can modify the files within the internal firmware o...
Command injection
An issue was discovered in upgradefirmware.cgi on VStarcam 100T C7824WIP CH-sys-48.53.75.119123 and 200V C38S CH-sys-48.53.203.119123 devices. A remote command can be executed through a system firmware update without authentication. The attacker can modify the files within the internal firmware o...
Denial Of Service
wildfly is vulnerable to denial of service attacks. Locally authenticated attacker could modify the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root...
kernel: userfaultfd bypasses tmpfs file permissions
A flaw was found in the Linux kernel with files on tmpfs and hugetlbfs. An attacker is able to bypass file permissions on filesystems mounted with tmpfs/hugetlbs to modify a file and possibly disrupt normal system behavior. At this time there is an understanding there is no crash or privilege...