Code injection

WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed...

CVE-2022-23922 WIN-911 2021 Incorrect Default Permissions

WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed...

CVE-2022-23922

CVE-2022-23922 affects WIN-911 2021 R1 (up to 5.21.10) and R2 (up to 5.21.17). Description: a permissions misconfiguration allows a local attacker to write files to the Program Announcer directory and escalate privileges when the program runs. Connected docs corroborate affected product/versions ...

CVE-2022-23922 WIN-911 2021 Incorrect Default Permissions

WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the Program Announcer directory and elevate permissions whenever the program is executed...

Cobbler < 3.3.0 Multiple Vulnerabilities

Cobbler is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

WIN-911 安全漏洞

Win-911 is a security software from the American company Win-911. It is used for industrial equipment alarm security. A security vulnerability exists in WIN-911 that stems from WIN-911's susceptibility to a privilege misconfiguration. An attacker could use this vulnerability to write files locall...

Win-911 安全漏洞

Win-911 is a security software from the American company Win-911. It is used for industrial equipment alarm security. A security vulnerability exists in WIN-911 2021 that stems from a misconfiguration of permissions in the product, which could allow an attacker to exploit the vulnerability to wri...

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File Modification

!/usr/bin/env python3 -- coding: utf-8 -- ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Vendor: Industrial Control Links, Inc. Product web page: http://www.iclinks.com Product datasheet:...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip using a specially crafted archive that holds directory traversal filenames e.g. ../../evil.exe. The attacker can overwrite executable files and either invoke them remotely or wait for...

CVE-2022-25297

This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names during upload using HttpFile::save method may enable attackers to write files to arbitrary locations outside the designated target folder...

CVE-2022-25299 Arbitrary File Write

This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...

Cesanta Mongoose 安全漏洞

Cesanta Mongoose is a set of embedded server libraries from the Irish company Cesanta, which includes features for TCP, HTTP clients and servers, and WenSocket clients and servers. A security vulnerability exists in mongoose, which stems from the use of the mg http upload method's insecure handli...

GHSA-673J-QM5F-XPV8 pgjdbc Arbitrary File Write Vulnerability

Overview The connection properties for configuring a pgjdbc connection are not meant to be exposed to an unauthenticated attacker. While allowing an attacker to specify arbitrary connection properties could lead to a compromise of a system, that's a defect of an application that allows...

pgjdbc Arbitrary File Write Vulnerability

Overview The connection properties for configuring a pgjdbc connection are not meant to be exposed to an unauthenticated attacker. While allowing an attacker to specify arbitrary connection properties could lead to a compromise of a system, that's a defect of an application that allows...

CVE-2022-25188

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker...

GHSA-5WMG-J84W-4JJ4 Arbitrary File Write via Archive Extraction in mholt/archiver

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Arbitrary File Write via Archive Extraction in mholt/archiver

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Arbitrary File Write in Libcontainer

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

GHSA-MQ66-VCFC-8246 Mercurial Path Traversal/Link Following vulnerability

A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository...

PT-2022-2555 · Amazon · Amazon Aws Client Vpn

Name of the Vulnerable Software and Affected Versions: Amazon AWS VPN Client version 2.0.0 Description: An issue exists in the Amazon AWS VPN Client, allowing parameters outside of the allow list to be injected into the configuration file. This can lead to an arbitrary file write as SYSTEM with...