7182 matches found

OSV
added 2018/05/02 1:29 p.m., 1 view

CVE-2018-5519

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.3, or 11.2.1-11.6.3.1, administrative users by way of undisclosed methods can exploit the ssldump utility to write to arbitrary file paths. For users who do not have Advanced Shell access (for example, any user when licensed for Appliance Mode), this allo...

4.9 CVSS, 5.9 AI score
Exploits 0, References 2
ATTACKERKB
added 2018/05/01 7:29 p.m., 1 view

CVE-2013-0159

The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg...

7.1 CVSS, 5.6 AI score, 0.00345 EPSS
Exploits 0, References 3
CNVD
added 2018/04/27 12:0 a.m., 1 view

Arbitrary File Write Vulnerability in CoverCMS v1.1.7

Shanghai Raging Wolf Network Technology Co., Ltd. is committed to the development of mobile Internet, enterprise websites and e-commerce websites. An arbitrary file write vulnerability exists in CoverCMS v1.1.7 because the product does not filter the file name and content of the file to be written,...

7.1 AI score
Exploits 0
CNVD
added 2018/04/25 12:0 a.m., 1 view

Arbitrary File Write Vulnerability in phpComasy CMS System

phpComasy CMS is a foreign open source content management system that is simple, fast and scalable, and is an ideal system for small and medium-sized websites. The phpComasy CMS system suffers from an arbitrary file write vulnerability. An attacker can exploit the vulnerability to write a malicious file a...

7 AI score
Exploits 0
RedhatCVE
added 2018/04/19 2:18 p.m., 27 views

CVE-2017-18261

The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel, before 4.13, allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrac...

5.5 CVSS, 4 AI score, 0.00335 EPSS
Exploits 0, References 1
Prion
added 2018/04/19 8:29 a.m., 21 views

Design/Logic Flaw

The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

4.9 CVSS, 5.1 AI score, 0.00335 EPSS
Exploits 0, References 2, Affected Software 1
CNVD
added 2018/04/19 12:0 a.m., 3 views

Zoho ManageEngine Desktop Central Web Services Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...

7.2 CVSS, 7.1 AI score, 0.03791 EPSS
Exploits 1, References 1
Snyk
added 2018/04/17 9:0 p.m., 1 view

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: org.codehaus.plexus:plexus-archiver is a collection of Plexus components to create archives or extract files out of an archive to a directory with a unified Archiver/UnArchiver API whatever the archive format is. Affected versions of the package are vulnerable to Arbitrary File Write via...

7.3 CVSS, 7.8 AI score, 0.13179 EPSS
Exploits 1, References 2
Snyk
added 2018/04/17 9:0 p.m., 2 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: net.lingala.zip4j:zip4j is an open source Java library to handle zip files. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). Successful exploitation of this vulnerability can result in remote command execution. Details: It is exploit...

6.5 CVSS, 8 AI score, 0.13088 EPSS
Exploits 1, References 2
Snyk
added 2018/04/17 9:0 p.m., 2 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: org.zeroturnaround:zt-zip is a library that helps to create, modify or extract ZIP archives. Affected versions of the package are vulnerable to Arbitrary File Write via Archive Extraction, AKA "Zip Slip". It is exploited using a specially crafted zip archive that holds path traversal...

5.8 CVSS, 7.8 AI score, 0.1035 EPSS
Exploits 1, References 2
Snyk
added 2018/04/17 9:0 p.m., 2 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: sharpcompress is a compression library for .NET Standard 1.0 that can unrar, decompress 7zip, decompress xz, zip/unzip, tar/untar, lzip/unlzip, bzip2/unbzip2 and gzip/ungzip with forward-only reading and file random access APIs. Affected versions of the package are vulnerable to Arbitrary...

5.5 CVSS, 7.8 AI score, 0.10051 EPSS
Exploits 1, References 2
Veracode
added 2018/04/16 2:43 a.m., 28 views

Arbitrary File Write

diffoscope is vulnerable to arbitrary file write attacks. The vulnerability exists because it does not properly escape the filenames when extracting archive members...

9.8 CVSS, 9.2 AI score, 0.01893 EPSS
Exploits 4, References 5, Affected Software 1
Snyk
added 2018/04/13 9:0 p.m., 1 view

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: github.com/mholt/archiver/cmd/archiver makes it trivially easy to make and extract common archive formats such as .zip and .tar.gz. Simply name the input and output files. Affected versions of the package are vulnerable to Arbitrary File Write via Archive Extraction, AKA "Zip Slip". It i...

5.5 CVSS, 7.6 AI score, 0.0253 EPSS
Exploits 1, References 2
OSV
added 2018/04/12 5:29 p.m., 0 views

UBUNTU-CVE-2018-1079

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with...

8.7 CVSS, 7 AI score, 0.01101 EPSS
Exploits 0, References 3
OSV
added 2018/04/12 5:29 p.m., 1 view

DEBIAN-CVE-2018-1079

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with...

6.5 CVSS, 7.1 AI score, 0.01101 EPSS
Exploits 0, References 1
RedHat Linux
added 2018/04/10 8:23 p.m., 2 views

pcs: Privilege escalation via authorized user malicious REST call

It was found that the REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with write permissions could create or overwrite arbitrary files with arbitrary data outside of the...

8.7 CVSS, 5.8 AI score, 0.01101 EPSS
Exploits 0, References 4
CNVD
added 2018/04/07 12:0 a.m., 2 views

SeaCMS system has an override access vulnerability

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A code execution vulnerability exists in the SeaCMS system. Because the program does not effectively filter the data written to the write...

7.8 AI score
Exploits 0
Prion
added 2018/04/05 1:29 p.m., 17 views

Design/Logic Flaw

In Apache Hive 2.1.0 to 2.3.2, when a 'COPY FROM FTP' statement is run using the HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from. This is because FTP client code in HPL/SQL does not veri...

4.3 CVSS, 4.5 AI score, 0.0178 EPSS
Exploits 0, References 1, Affected Software 1
CVE
added 2018/04/05 1:0 p.m., 92 views

CVE-2018-1315

CVE-2018-1315 affects Apache Hive 2.1.0–2.3.2 when using the HPL/SQL extension and issuing COPY FROM FTP. The FTP client does not verify the destination path, allowing a compromised FTP server to cause the downloaded file to be written to an arbitrary location on the cluster where the command is ...

4.3 CVSS, 4.6 AI score, 0.0178 EPSS
Exploits 0, References 1, Affected Software 1
Snyk
added 2018/04/04 1:2 p.m., 2 views

Arbitrary File Write

Overview: org.apache.hive:hive-hplsql is data warehouse software that facilitates reading, writing, and managing large datasets residing in distributed storage using SQL. Affected versions of this package are vulnerable to Arbitrary File Write via the File Transfer Protocol (FTP) client functionality...

4.3 CVSS, 6.8 AI score, 0.0178 EPSS
Exploits 0, References 2