CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7184 matches found

RedHat Linux•added 2019/08/15 1:29 p.m.•57 views

Important: Red Hat Security Advisory: OpenShift Container Platform 3.11 jenkins security update

An update for jenkins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.6AI score0.10225EPSS

Exploits1References4

BDU FSTEC•added 2019/08/13 12:0 a.m.•5 views

The vulnerability of the IcedTea-Web plugin, related to errors in processing JNLP files, allows a hacker to write any files into the device’s file system.

The vulnerability of the IcedTea-Web plugin is related to errors in processing JNLP files. Exploiting this vulnerability allows a remote attacker to write arbitrary files to the device’s file system using a specially created application...

8.5CVSS5.7AI score0.02743EPSS

Exploits0References6Affected Software5

BDU FSTEC•added 2019/08/13 12:0 a.m.•2 views

The vulnerability in the web interface for managing Cisco Small Business Series 220 routers allows a perpetrator to write arbitrary files to the device’s file system.

The vulnerability of the Cisco Small Business Series 220 router management web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to write arbitrary files to the device’s file system by sending specially crafted HTTP or HTTPS...

10CVSS5.6AI score0.17037EPSS

Exploits2References3Affected Software1

Veracode•added 2019/08/07 5:17 a.m.•28 views

Arbitrary File Write

github.com/containers/libpod is vulnerable to arbitrary file write. The vulnerability exists through a symlink attack where an administrator can copy a file from the container to the host system...

7.2CVSS2.4AI score0.0046EPSS

Exploits0References5Affected Software1

OSV•added 2019/08/05 12:15 p.m.•2 views

CVE-2019-14521

The api/admin/logoupload Logo File upload feature in EMCA Energy Logserver 6.1.2 allows attackers to send any kind of file to any location on the server via path traversal in the filename parameter...

7.5CVSS7.2AI score0.02446EPSS

Exploits1References4

Veracode•added 2019/08/05 12:16 a.m.•31 views

Unauthorized File Write

samba is vulnerable to unauthorized file write. An improper implementation of the RPC endpoint that emulates the Windows registry service API allows an unprivileged attacker to create new registry hive file which can lead to creation of new files in the samba share...

5.4CVSS3.2AI score0.03392EPSS

Exploits0References35Affected Software4

OSV•added 2019/08/02 5:15 p.m.•1 views

CVE-2017-18446

cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API SEC-250...

6.3CVSS5.8AI score

Exploits0References2

Prion•added 2019/08/02 5:15 p.m.•15 views

Design/Logic Flaw

cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API SEC-250...

6.5CVSS6.4AI score0.00688EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/08/02 4:20 p.m.•21 views

CVE-2017-18446

cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API SEC-250...

6.4AI score0.00688EPSS

Exploits0References1

CVE•added 2019/08/02 4:20 p.m.•49 views

CVE-2017-18446

CVE-2017-18446 affects cPanel prior to 64.0.21. The issue allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250). The Red Hat/CNVD/EUVD/ENISA entries corroborate the core description. Impact as stated is potential access to restricted files and modificati...

6.5CVSS6.4AI score0.00688EPSS

Exploits0References2Affected Software1

OSV•added 2019/08/01 5:15 p.m.•2 views

CVE-2018-20947

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script SEC-356...

5.5CVSS5.8AI score0.00351EPSS

Exploits0References1

NVD•added 2019/08/01 5:15 p.m.•15 views

CVE-2018-20947

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script SEC-356...

5.5CVSS5.6AI score0.00351EPSS

Exploits0References1

Prion•added 2019/08/01 5:15 p.m.•13 views

Code injection

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script SEC-356...

2.1CVSS5.6AI score0.00351EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/08/01 4:15 p.m.•19 views

CVE-2018-20947

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script SEC-356...

5.6AI score0.00351EPSS

Exploits0References1

CVE•added 2019/08/01 4:15 p.m.•49 views

CVE-2018-20947

CVE-2018-20947: affects cPanel prior to 68.0.27, where the telnetcrt script allows certain file-write operations. Root cause details are not fully described in the provided documents, but the issue is tied to the telnetcrt script enabling unauthorized file writes. The vulnerability is documented ...

5.5CVSS5.5AI score0.00351EPSS

Exploits0References1Affected Software1

OSV•added 2019/08/01 4:15 p.m.•2 views

CVE-2016-10847

cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath SEC-80...

8.1CVSS5.9AI score

Exploits0References2

Prion•added 2019/08/01 4:15 p.m.•12 views

Design/Logic Flaw

cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath SEC-80...

5.5CVSS7.3AI score0.01118EPSS

Exploits0References2Affected Software1