ABB Drive Composer Link Following Vulnerability
ABB Drive Composer is a 32-bit Windows application from ABB Switzerland. It is used to commission and maintain ABB Common Architecture drives. ABB Drive Composer contains a vulnerability that allows a low-privileged attacker to create and write files...
PT-2022-20614 · Abb · Abb Automation Builder +1
Name of the Vulnerable Software and Affected Versions: ABB Automation Builder Drive Composer (affected versions not specified). Description: The issue allows a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content, provided the file does n...
CVE-2022-31590
SAP PowerDesigner Proxy, version 16.7, allows an attacker with low privileges and local access, and with the ability to work around the system's root disk access restrictions, to Write/Create a program file on the system disk root path, which could then be executed with elevated privileges of the...
gzip: arbitrary-file-write vulnerability
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...
Important: Red Hat Security Advisory: xz security update
An update for xz is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
xz security update
5.2.4-4 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...
RHEL 8 : xz (RHSA-2022:4991)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4991 advisory. XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs...
Emerson Dixell Arbitrary File Write (CVE-2021-45420)
An arbitrary file write vulnerability exists in Emerson Dixell. Successful exploitation of this vulnerability could result in denial of service and potentially code execution on the affected system...
RHEL 8 : xz (RHSA-2022:4994)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4994 advisory. XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm (LZMA), which performs...
Researchers Disclose Critical Flaws in Industrial Access Controllers from HID Mercury
As many as four zero-day security vulnerabilities have been disclosed in the HID Mercury access controller system that's used widely in healthcare, education, transportation, and government facilities. "The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and loc...
Amazon Linux AMI : gzip (ALAS-2022-1590)
The version of gzip installed on the remote host is prior to 1.5-9.20. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1590 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...
Amazon Linux AMI : xz (ALAS-2022-1598)
The version of xz installed on the remote host is prior to 5.2.2-1.14. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1598 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...
CVE-2021-40668
The Android application HTTP File Server Version 1.4.1 by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write...
Path traversal
The Android application HTTP File Server Version 1.4.1 by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write...
CVE-2021-40668
The CVE-2021-40668 entry concerns the Android application HTTP File Server (Version 1.4.1) by slowscript. Multiple connected sources confirm a path traversal vulnerability that permits arbitrary directory listing, file read, and file write. The NVD entry lists impact including partial confidentia...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the g GitArtifactReader.Read API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ... Details A...
Important: gzip
Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...