2666 matches found
Improper File Validation
Drupal is vulnerable to improper file validations. The library does not validate uploaded REST files, allowing an authenticated malicious user to modify the file resource...
CVE-2017-6690
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected...
Cisco StarOS Arbitrary File Modification Vulnerability
A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. The vulnerability is due to insufficient input...
Unauthorized Modification of Arbitrary Files Vulnerability in 'DataBaseBackup_Edit.aspx' of MicroXia E-learning Platform
Micro Xia Online Learning Platform is an online education system based on B/S architecture. An unauthorized modification of arbitrary files vulnerability exists in 'DataBaseBackupEdit.aspx' of the Weixia Online Learning Platform. An attacker using this vulnerability to modify the db.config file i...
WordPress WP Editor plugin <= 1.2.5.3 - Authenticated File Modification Vulnerability
Authenticated File Modification Vulnerability was found in WordPress WP Editor plugin in 1.2.5.3 version. Any logged in user can edit files because there's no check for that. Solution Update the plugin...
Unspecified Vulnerability in SaltStack
SaltStack is a set of open source tools for managing infrastructure from SaltStack, Inc. in the United States. The tool provides configuration management, remote execution and other functions, able to manage tens of thousands of servers, with the ability to quickly complete the data transfer. A...
Authentication flaw
A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and...
CVE-2017-2331
A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and...
CentOS Update for java CESA-2017:1109 centos6
Check the version of java SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882705";...
CVE-2015-8258
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."...
CVE-2015-8258
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."...
Cisco Iox Arbitrary File Modification Vulnerability
Cisco IOx is a suite of applications from Cisco USA that provide unified hosting capabilities for Cisco's IoT network infrastructure. A security vulnerability in the web framework code in the CAF component of Cisco IOx can be exploited by remote attackers to upload malicious data messages to writ...
CVE-2017-3852
A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...
CVE-2017-5618
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...
CVE-2017-5618
GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...
CVE-2017-5618
GNU Screen
Vulnerability of Mac OS X and iOS operating systems, allowing attackers to modify arbitrary files
The vulnerability of the libarchive component in Mac OS X and iOS systems is related to an incorrect definition of links before accessing files. Exploiting this vulnerability allows a malicious individual to modify arbitrary files by manipulating symlinks...
Vulnerability of Mac OS X and iOS operating systems, allowing attackers to modify arbitrary files
The vulnerability of the libarchive component in Mac OS X and iOS systems is related to an incorrect definition of the reference before accessing a file. Exploiting this vulnerability allows a remote attacker to modify any files using a specially crafted archive...
CVE-2016-5237
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file...
CVE-2016-9210
A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.51.11007.2. Known Fixed Releases...