
7184 matches found

Prion
added 2019/08/01 1:15 p.m. | 11 views

Default credentials

cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change SEC-447...

CVSS 6.6 | AI score 6.7 | EPSS 0.00379
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2019/08/01 12:55 p.m. | 39 views

CVE-2018-20882

CVE-2018-20882 affects cPanel prior to 74.0.8, enabling arbitrary file-write under the root context during WHM Force Password Change (SEC-447). This is a local-attack vector impacting systems running affected cPanel versions. The vulnerability arises in the root context during the password-change...

CVSS 6.8 | AI score 6.7 | EPSS 0.00379
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2019/08/01 12:55 p.m. | 17 views

CVE-2018-20882

cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change SEC-447...

AI score 6.7 | EPSS 0.00379
Exploits: 0 | References: 1
OSV
added 2019/08/01 12:47 p.m. | 1 view

USN-4085-1 Sigil vulnerability

Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem...

CVSS 7.5 | AI score 7.2 | EPSS 0.03694
Exploits: 0 | References: 2
OSV
added 2019/07/31 11:15 p.m. | 17 views

CVE-2019-10185

It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break o...

CVSS 8.6 | AI score 6.6 | EPSS 0.04022
Exploits: 0 | References: 8
RedHat Linux
added 2019/07/31 5:53 p.m. | 4 views

icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite

It was found that icedtea-web was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox...

CVSS 8.6 | AI score 5.8 | EPSS 0.04022
Exploits: 0 | References: 4
OpenVAS
added 2019/07/31 12:00 a.m. | 119 views

Jenkins < 2.186 and < 2.176.2 LTS Multiple Vulnerabilities - Linux

Jenkins is prone to multiple vulnerabilities.

CVSS 7.5 | AI score 5.7 | EPSS 0.10225
Exploits: 1 | References: 1
OpenVAS
added 2019/07/31 12:00 a.m. | 111 views

Jenkins < 2.186 and < 2.176.2 LTS Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities.

CVSS 7.5 | AI score 5.7 | EPSS 0.10225
Exploits: 1 | References: 1
OSV
added 2019/07/30 3:15 p.m. | 1 view

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

CVSS 4.3 | AI score 5.8
Exploits: 0 | References: 1
NVD
added 2019/07/30 3:15 p.m. | 18 views

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

CVSS 4.3 | AI score 4.7 | EPSS 0.00633
Exploits: 0 | References: 1
Prion
added 2019/07/30 3:15 p.m. | 11 views

Code injection

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

CVSS 4 | AI score 4.8 | EPSS 0.00633
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2019/07/30 2:19 p.m. | 46 views

CVE-2019-14413

CVE-2019-14413 affects cPanel prior to 78.0.2, where an input validation/permissions issue allows certain file-write operations as a shared user during connection resets (SEC-476). Documentation from multiple sources (NVD, Red Hat, CNVD, CVE lists) confirms the vulnerability in the cPanel web-based pl...

CVSS 4.3 | AI score 4.7 | EPSS 0.00633
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2019/07/30 2:19 p.m. | 24 views

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

AI score 4.7 | EPSS 0.00633
Exploits: 0 | References: 1
Tenable Nessus
added 2019/07/26 12:00 a.m. | 36 views

Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...

CVSS 7.5 | AI score 6.4 | EPSS 0.10225
Exploits: 1 | References: 5
myhack58
added 2019/07/25 12:00 a.m. | 126 views

Comodo Antivirus: multiple vulnerabilities disclosed - vulnerability warning - the black bar safety net

Comodo is a software company located in the United States, headquartered in Jersey City and established in 1998; it is a world-renowned IT security service provider and SSL certificate provider. Researchers at Comodo Antivirus / Comodo Antivirus Advanced and other products found in the...

CVSS 7.2 | AI score 0.6 | EPSS 0.00558
Exploits: 5
RedHat Linux
added 2019/07/24 8:56 p.m. | 2 views

kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via `kubectl cp`

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is...

CVSS 6.5 | AI score 7 | EPSS 0.13164
Exploits: 2 | References: 5
Tenable Nessus
added 2019/07/23 12:00 a.m. | 31 views

Comodo Antivirus / Internet Security Multiple Vulnerabilities

The version of the Comodo security product installed on the remote Windows host is affected by multiple vulnerabilities: - A Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can th...

CVSS 7.8 | AI score 6.2 | EPSS 0.00558
Exploits: 4 | References: 5
CNVD
added 2019/07/19 12:00 a.m. | 1 view

Code execution vulnerability in zblog php system

zblogphp is an open source program. A code execution vulnerability exists in the zblogphp system. An attacker can exploit the vulnerability to write files and gain server privileges...

AI score 7.8
Exploits: 0
CNVD
added 2019/07/19 12:00 a.m. | 1 view

Comodo Security Solutions Antivirus Arbitrary File Write Vulnerability

Comodo Security Solutions Antivirus is a suite of antivirus software from the American company Comodo Security Solutions. The software is mainly used to protect against computer viruses, malware and other Internet threats. A security vulnerability exists in Comodo Security Solutions Antivirus...

CVSS 5.5 | AI score 6.5 | EPSS 0.00402
Exploits: 1 | References: 1
CNVD
added 2019/07/18 12:00 a.m. | 3 views

b3log Wide Arbitrary File Read/Write Vulnerability

b3log Wide is a Web-based integrated development environment (IDE) for the Go language. An arbitrary file read/write vulnerability exists in versions of b3log Wide prior to 1.6.0, which can be exploited by an attacker to access arbitrary files...

CVSS 7.5 | AI score 6.9 | EPSS 0.02561
Exploits: 1 | References: 1