7185 matches found

Cvelist
added 2022/05/11 6:00 p.m., 11 views

CVE-2022-30060

ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php...

8.9 AI score, 0.01085 EPSS
Exploits: 1, References: 1
CVE
added 2022/05/11 6:00 p.m., 68 views

CVE-2022-30060

CVE-2022-30060 affects ftcms (

8.8 CVSS, 8.6 AI score, 0.01085 EPSS
Exploits: 1, References: 1, Affected Software: 1
OSV
added 2022/05/11 4:15 p.m., 2 views

CVE-2022-23743

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading t...

7.8 CVSS, 6.1 AI score, 0.00388 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2022/05/11 4:15 p.m., 3 views

CVE-2022-23743

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading t...

7.8 CVSS, 7.5 AI score, 0.00388 EPSS
Exploits: 0, References: 2
NVD
added 2022/05/11 4:15 p.m., 21 views

CVE-2022-23743

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading t...

7.8 CVSS, 0.00388 EPSS
Exploits: 0, References: 1
Prion
added 2022/05/11 4:15 p.m., 15 views

Code injection

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading t...

7.2 CVSS, 7.8 AI score, 0.00388 EPSS
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2022/05/11 3:15 p.m., 2 views

CVE-2021-34605

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an uplo...

7.3 CVSS, 7.3 AI score
Exploits: 0, References: 1
NVD
added 2022/05/11 3:15 p.m., 10 views

CVE-2021-34605

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an uplo...

7.3 CVSS, 0.02334 EPSS
Exploits: 1, References: 1
Prion
added 2022/05/11 3:15 p.m., 15 views

Information disclosure

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an uplo...

6 CVSS, 7.5 AI score, 0.02334 EPSS
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2022/05/11 2:25 p.m., 18 views

CVE-2021-34606 XINJE XD/E Series PLC Program Tool DLL Hijacking

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can allow an authenticated, local attacker to load a malicious DLL. Local access is required to successfully exploit this vulnerability. This means the potential attacker must have access to the system and...

7.3 CVSS, 7.5 AI score, 0.00445 EPSS
Exploits: 1, References: 1
CVE
added 2022/05/11 2:25 p.m., 64 views

CVE-2021-34605

CVE-2021-34605 affects XINJE XD/E Series PLC Program Tool up to version 3.5.1. A zip-slip flaw in handling a crafted project file could grant arbitrary file write, potentially enabling remote code execution, information disclosure and DoS on the tool. Affected path includes opening a malicious pr...

7.3 CVSS, 7.6 AI score, 0.02334 EPSS
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2022/05/11 2:25 p.m., 16 views

CVE-2021-34605 Xinje XD/E Series PLC Program Tool Zip Slip

A zip slip vulnerability in XINJE XD/E Series PLC Program Tool up to version v3.5.1 can provide an attacker with arbitrary file write privilege when opening a specially-crafted project file. This vulnerability can be triggered by manually opening an infected project file, or by initiating an uplo...

7.3 CVSS, 7.7 AI score, 0.02334 EPSS
Exploits: 1, References: 1
Oracle Linux
added 2022/05/11 12:00 a.m., 323 views

gzip security update

1.5-11 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271...

8.8 CVSS, 1.4 AI score, 0.04301 EPSS
Exploits: 0
CNNVD
added 2022/05/11 12:00 a.m., 4 views

ftcms security vulnerability

ftcms is a content management system from ftcms. ftcms version 2.1 and previous versions have an arbitrary file write vulnerability, which originates from the lack of valid file checksum in admin/controllers/tp.php and can be exploited by attackers to cause arbitrary file writes...

8.8 CVSS, 8.1 AI score, 0.01085 EPSS
Exploits: 1, References: 2
Positive Technologies
added 2022/05/11 12:00 a.m., 3 views

PT-2022-16245 · Check Point · Zonealarm

Name of the Vulnerable Software and Affected Versions: Check Point ZoneAlarm versions prior to 15.8.200.19118 Description: The issue allows a local actor to escalate privileges during the upgrade process. Additionally, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory...

7.8 CVSS, 8 AI score, 0.00388 EPSS
Exploits: 0, References: 4
Cvelist
added 2022/05/11 12:00 a.m., 27 views

CVE-2022-23743

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading t...

8.1 AI score, 0.00388 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2022/05/11 12:00 a.m., 30 views

SUSE SLED15 / SLES15 Security Update : gzip (SUSE-SU-2022:1617-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1617-1 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's...

8.8 CVSS, 7 AI score, 0.04301 EPSS
Exploits: 0, References: 5
BDU FSTEC
added 2022/05/11 12:00 a.m., 2 views

The vulnerability in the implementation of the unTar() function for the distributed development and execution platform of Apache Hadoop allows a hacker to write arbitrary files.

The vulnerability of the unTar function implementation in the distributed development and execution platform for Apache Hadoop is related to deficiencies in checking the path name of the restricted-access directory. Exploiting this vulnerability could allow an attacker to write arbitrary files...

10 CVSS, 8 AI score, 0.04057 EPSS
Exploits: 1, References: 7, Affected Software: 1
Tenable Nessus
added 2022/05/11 12:00 a.m., 24 views

Oracle Linux 7 : gzip (ELSA-2022-2191)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-2191 advisory. 1.5-11 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271 Tenable has extracted the preceding description block directly from the Orac...

8.8 CVSS, 6.9 AI score, 0.04301 EPSS
Exploits: 0, References: 2
NVD
added 2022/05/10 2:15 p.m., 17 views

CVE-2022-1537

file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. This vulnerability is capable of arbitrary file writes which can lead to local privilege escalation to the GruntJS user if a lower-privilege...

7.8 CVSS, 0.00296 EPSS
Exploits: 1, References: 3