7184 matches found
CVE-2021-3762
A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution. Mitigation Mitigatio...
Clair Path Traversal Vulnerability
Clair is an open source project used to statically analyze vulnerabilities in application containers, currently including OCI and Docker. Clair suffers from a path traversal vulnerability that stems from a directory traversal flaw in its ClairCore engine. An attacker can...
CVE-2021-39827
Adobe Digital Editions 4.5.11.187646 and earlier are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation ...
Design/Logic Flaw
Adobe Digital Editions 4.5.11.187646 and earlier are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation ...
CVE-2021-39827
CVE-2021-39827 affects Adobe Digital Editions 4.5.11.187646 and earlier, enabling an arbitrary file write via the Digital Editions installer. Exploitation context is local, authenticated, with user interaction required before installation. The macOS Nessus/Night audits map this under APSB21-80; a...
CVE-2021-39827 Adobe Digital Editions Installer flaw leads to Arbitrary File System Write
Adobe Digital Editions 4.5.11.187646 and earlier are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation ...
SUSE-SU-2021:3170-1 Security update for SUSE Manager Server 4.2
This update fixes the following issues: branch-network-formula: - Use kernel parameters from PXE formula also for local boot cobbler - security issues fixed: - CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection bsc1189458 - CVE-2021-40324: Fixed an arbitrary file write bsc11894...
SUSE-SU-2021:3151-1 Security update for cobbler
This update for cobbler fixes the following issues: Security issues fixed: - CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection bsc1189458 - CVE-2021-40324: Fixed an arbitrary file write bsc1189458 - CVE-2021-40325: Fixed a problem with the token validation bsc1189458 - Please...
PT-2021-22860 · Cobbler +2
Name of the Vulnerable Software and Affected Versions: Cobbler versions prior to 3.3.0. Description: The issue allows arbitrary file write operations via upload log data. Recommendations: For versions prior to 3.3.0, update to version 3.3.0 or later to resolve the issue...
CVE-2020-21480
An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2020-21480
CVE-2020-21480 affects RGCMS v1.06. The vulnerability is an arbitrary file write that allows an attacker to execute arbitrary code through a crafted PHP file. Impact is stated as high (CVE details mention potential code execution, with CVSSv3.1 vector indicating network access, low complexity, un...
CVE-2021-40964
A Path Traversal vulnerability exists in TinyFileManager all versions up to and including 2.4.6 that allows attackers to upload a file with Admin credentials or with the CSRF vulnerability with the "fullpath" parameter containing path traversal strings ../ and ..\ in order to escape the server's...
USN-5078-1 squashfs-tools vulnerability
Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem...
Adobe Digital Editions Security Vulnerability
Adobe Digital Editions software provides an engaging way to help you view and manage eBooks and other digital publications. Adobe Digital Editions 4.5.11.187646 and earlier versions are vulnerable to an arbitrary file system write vulnerability. The vulnerability stems from the creation of...
Cisco IOS XR Software Arbitrary File Read and Write (cisco-sa-iosxr-scp-inject-QwZOCv2)
According to its self-reported version, Cisco IOS XR is affected by an arbitrary file read and write vulnerability in its SSH server process due to insufficient input validation of user supplied input. An authenticated, remote attacker can exploit this, by specifying specific SCP parameters when...
CVE-2021-25450
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket...