CVE-2018-16097
Lenovo XClarity Integrator (LXCI) for VMware and LXCI for Microsoft System Center are affected. Versions prior to 5.5 (VMware) and 3.5 (System Center) allow an authenticated user to write to arbitrary system files due to insufficient validation during certificate upload. The CVE entry CVE-2018-16...
Debian DLA-1592-1 : otrs2 security update
Two security vulnerabilities were discovered in OTRS, a Ticket Request System, that may lead to privilege escalation or arbitrary file write. CVE-2018-19141 An attacker who is logged into OTRS as an admin user may manipulate the URL to cause execution of JavaScript in the context of OTRS...
Debian: Security Advisory (DLA-1592-1)
The remote host is missing an update for the Debian ... SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
[SECURITY] [DLA 1592-1] otrs2 security update
Package : otrs2 Version : 3.3.18-1+deb8u7 CVE ID : CVE-2018-19141 CVE-2018-19143 Two security vulnerabilities were discovered in OTRS, a Ticket Request System, that may lead to privilege escalation or arbitrary file write. CVE-2018-19141 An attacker who is logged into OTRS as an admin user may...
GHSA-P639-XXV5-J383 Incorrect Permission Assignment for Critical Resource in Apache hive
In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from. This is because FTP client code in HPL/SQL does not veri...
Command execution vulnerability in Zendo Enterprise mo***.php file
Zendo Enterprise Edition is open source project management software. A command execution vulnerability exists in the Zendo Enterprise Edition mo.php file. An attacker can exploit the vulnerability to write arbitrary files to gain server privileges...
CVE-2018-1797
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using Enterprise Bundle Archives (EBA) could allow a local attacker to traverse directories on the system. By persuading a victim to extract a specially crafted ZIP archive containing "dot dot slash" sequences (../), an attacker could exploit th...
Apache Hadoop Arbitrary File Write Vulnerability
Apache Hadoop is the Apache Software Foundation's open source distributed systems infrastructure; it supports distributed processing of large amounts of data and offers high reliability, high scalability, and high fault tolerance, among other characteristics. An arbitrary file write...
Arbitrary File Write
InSpec is vulnerable to arbitrary file write attacks. The vulnerability exists because the relative paths inside a zip file are not validated to prevent them from escaping the target directory...
Arbitrary File Write Vulnerability in LaySNS v2.4
LaySNS is a lightweight, ThinkPHP+Layui-based integrated website management system that integrates content management and community interaction. LaySNS v2.4 has an arbitrary file write vulnerability that can be exploited by an attacker to write arbitrary files and gain control of the web server...
GHSA-XGC9-9W4V-H33H High severity vulnerability that affects org.apache.syncope:syncope-core
An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can use XSL Transformations XSLT to perform malicious operations, including but not limited to file read, file write, and code execution...
GHSA-QFJV-998W-Q48F Improper Restriction of XML External Entity Reference in org.apache.syncope:syncope-core
An administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution...
CVE-2018-17186
CVE-2018-17186 affects Apache Syncope: an administrator with workflow definition entitlements can exploit XML External Entity (XXE) processing via a DTD in workflow definitions to read/write files and execute code. Multiple sources (CNVD/NVD/OSV/Veracode/GHSA) describe the vulnerability as involving DTD processing to perf...
LibreHealth 2.0.0 - (Authenticated) Arbitrary File Actions
LibreHealth 2.0.0 - Authenticated Arbitrary File Actions Exploit Title: LibreHealth 2.0.0 - Arbitrary File Actions Date: 2018-10-19 Exploit Author: Carlos Avila Vendor Homepage: https://librehealth.io/ Software Link: https://github.com/LibreHealthIO/lh-ehr Version: 2.0.0 Tested on: Debian LAMP,...
glusterfs: Device files can be created in arbitrary locations
A flaw was found in the gfs3_mknod_req RPC request supported by the glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node...
rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file
A directory and symbolic link traversal flaw was found in the way the rubyzip gem extracts zip files. An attacker with access to a privileged application capable of extracting zip files could use this flaw to write new files to arbitrary paths accessible by the aforementioned privileged applicatio...
Advantech WebAccess WADashboard API Path Traversal Vulnerability
Advantech WebAccess is browser-based HMI/SCADA software from Advantech. It supports dynamic graphical displays and real-time data control, and provides remote control and management of automation devices. The WADashboard API is one of its dashboard API components. A...