7185 matches found
RHEL 9 : gzip (RHSA-2022:4582)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:4582 advisory. The gzip packages contain the gzip GNU zip data compression utility. gzip is used to compress regular files. It replaces them with files containing t...
GLSA-202209-01 : GNU Gzip, XZ Utils: Arbitrary file write
The remote host is affected by the vulnerability described in GLSA-202209-01 GNU Gzip, XZ Utils: Arbitrary file write - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can...
Amazon Linux 2022 : gzip, xz, xz-devel (ALAS2022-2022-058)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-058 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's...
Arbitrary File Write
spark-core is vulnerable to arbitrary file write. Lack of explicit checking of existence of source file in Utils.unpack before calling the method FileUtil.unTar of Hadoop which has a loophole in handling of missing .tar files...
The vulnerability of the Rsync file transfer and synchronization utility, related to authentication errors, allows a perpetrator to write arbitrary files.
The vulnerability of the Rsync file transfer and synchronization utility is related to authentication errors. Exploiting this vulnerability allows a remote attacker to write arbitrary files...
SUSE: Security Advisory (SUSE-SU-2022:2959-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-34373
Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system...
CVE-2022-34373
Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system...
Design/Logic Flaw
Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system...
CVE-2022-34373
Dell Command | Integration Suite for System Center, versions prior to 6.2.0, contains arbitrary file write vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability in order to perform an arbitrary write as system...
CVE-2022-34373
CVE-2022-34373 affects Dell Command | Integration Suite for System Center (vulnerable: prior to 6.2.0). The vulnerability is an arbitrary file write undermining the ability of a locally authenticated user to perform writes as SYSTEM. Affected component is the Dell Command | Integration Suite for ...
AZL-10819 CVE-2022-1271 affecting package gzip for versions less than 1.12-1
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
DEBIAN-CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
ALPINE-CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
CVE-2022-1271
CVE-2022-1271 affects GNU gzip's zgrep: an attacker can cause arbitrary file writes by supplying crafted multi-line filenames. Two or more consecutive newlines in filenames lead to content and target file names being embedded in the same path, and insufficient validation enables remote, low-privi...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...