
7182 matches found

0day.today
added 2017/12/06 12:0 a.m. | 354 views

Claymore Dual Miner 10.1 Stack Buffer Overflow Vulnerability

Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner versions 10.1 and below suffer from a stack buffer overflow vulnerability. Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16929 Version: 0.2 Date: Nov 30th, 2017 Tag: claymore dual ethereum decred crypto currency miner...

CVSS 10 | AI score 8.9 | EPSS 0.3434
Exploits: 6

CNVD
added 2017/12/04 12:0 a.m. | 1 view

Multiple Cisco Products Cisco NX-OS System Software Arbitrary File Write Vulnerability

Cisco Multilayer Director Switches are products of Cisco Corporation. Cisco Multilayer Director Switches is a switch product. Unified Computing System Manager is a set of embedded device management software. Cisco NX-OS System Software is a set of software that runs in the switch. Cisco NX-OS System...

CVSS 4.9 | AI score 6.9 | EPSS 0.00325
Exploits: 0 | References: 1

OSV
added 2017/11/30 9:29 a.m. | 4 views

CVE-2017-12332

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

CVSS 4.4 | AI score 5.9 | EPSS 0.00325
Exploits: 0 | References: 3

CVE
added 2017/11/30 9:0 a.m. | 64 views

CVE-2017-12332

CVE-2017-12332 affects Cisco NX-OS System Software on multiple Cisco Nexus series switches and UCS Manager. The issue stems from insufficient restrictions in the patch installation process, allowing an authenticated, local attacker with valid administrator credentials to install a crafted patch i...

CVSS 4.9 | AI score 4.6 | EPSS 0.00325
Exploits: 0 | References: 3 | Affected Software: 1

Cisco
added 2017/11/29 4:0 p.m. | 36 views

Cisco NX-OS System Software Patch Installation Arbitrary File Write Vulnerability

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

CVSS 4.4 | AI score 4.6 | EPSS 0.00325
Exploits: 0 | References: 1

CNVD
added 2017/11/22 12:0 a.m. | 2 views

QuickerBB Arbitrary File Write Vulnerability

QuickerBB is a lightweight PHP-based forum software. An arbitrary file write vulnerability exists in QuickerBB 0.7.2 and earlier versions. A remote attacker can exploit this vulnerability to execute code and take control of the server...

CVSS 10 | AI score 7.6 | EPSS 0.04288
Exploits: 0 | References: 1

NVD
added 2017/11/17 6:29 p.m. | 11 views

CVE-2017-1000169

QuickerBB version = 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB...

CVSS 10 | AI score 9.8 | EPSS 0.04288
Exploits: 0 | References: 1

Cvelist
added 2017/11/17 6:0 p.m. | 13 views

CVE-2017-1000169

QuickerBB version = 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB...

AI score 9.8 | EPSS 0.04288
Exploits: 0 | References: 1

NVD
added 2017/11/17 5:29 a.m. | 15 views

CVE-2017-1000125

Codiad (full version) is vulnerable to writing arbitrary content to the configuration file during installation, resulting in the upload of a webshell...

CVSS 7.5 | AI score 7.5 | EPSS 0.00922
Exploits: 1 | References: 1

CVE
added 2017/11/17 5:0 a.m. | 53 views

CVE-2017-1000125

CVE-2017-1000125 affects Codiad. The vulnerability arises because full-version Codiad allows writing arbitrary data to its installation configuration file, enabling an attacker to upload a webshell. The issue is described consistently across sources as a file upload/configuration write flaw leadi...

CVSS 7.5 | AI score 7.5 | EPSS 0.00922
Exploits: 1 | References: 1 | Affected Software: 1

seebug.org
added 2017/11/13 12:0 a.m. | 71 views

Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write

Description The vulnerability is triggered by an authenticated user that can use the manualcommand console in the management panel of the affected application. The ManualCommand function in ManualCommand.js allows users to perform additional diagnostics and settings overview by using pre-defined...

AI score 6.8
Exploits: 0

OSV
added 2017/11/10 11:29 p.m. | 2 views

CVE-2017-16780

The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file...

CVSS 9.8 | AI score 6.1
Exploits: 0 | References: 2

CNVD
added 2017/11/10 12:0 a.m. | 4 views

VMware AirWatch Console Security Bypass Vulnerability

VMware AirWatch is a console application for the VMware AirWatch Console, a suite of enterprise mobility management solutions from VMware. A security bypass vulnerability exists in VMware AirWatch Console version 9.x prior to 9.2.0. A remote attacker could exploit the vulnerability to write...

CVSS 7.8 | AI score 6.8 | EPSS 0.01259
Exploits: 0 | References: 1

FreeBSD
added 2017/11/07 12:0 a.m. | 13 views

mybb -- multiple vulnerabilities

myBB Team reports: High risk: Installer RCE on configuration file write; High risk: Language file headers RCE; Medium risk: Installer XSS; Medium risk: Mod CP Edit Profile XSS; Low risk: Insufficient moderator permission check in delayed moderation tools; Low risk: Announcements HTML filter bypass; Low...

AI score 0.4
Exploits: 0 | References: 1

CNVD
added 2017/10/25 12:0 a.m. | 1 view

Samba Arbitrary File Write Vulnerability

Samba is free software that allows UNIX operating systems to link with the SMB/CIFS network protocol of the Microsoft Windows operating system. A security vulnerability exists in Samba that allows remote attackers to exploit the vulnerability to submit special requests to arbitrarily write or...

CVSS 7.5 | AI score 6.9 | EPSS 0.0759
Exploits: 0 | References: 1

OSV
added 2017/10/24 6:33 p.m. | 19 views

GHSA-GFJR-3JMM-4G9V Symlink Arbitrary File Overwrite in tar

Versions of tar prior to 2.0.0 are affected by an arbitrary file write vulnerability. The vulnerability occurs because tar does not verify that extracted symbolic links do not resolve to targets outside of the extraction root directory. Recommendation: Update to version 2.0.0 or later...

CVSS 7.5 | AI score 7.6 | EPSS 0.04912
Exploits: 0 | References: 6

GitHub Security Blog
added 2017/10/24 6:33 p.m. | 31 views

Symlink Arbitrary File Overwrite in tar

Versions of tar prior to 2.0.0 are affected by an arbitrary file write vulnerability. The vulnerability occurs because tar does not verify that extracted symbolic links do not resolve to targets outside of the extraction root directory. Recommendation: Update to version 2.0.0 or later...

CVSS 7.5 | AI score 7.4 | EPSS 0.04912
Exploits: 0 | References: 5 | Affected Software: 1

RubySec
added 2017/10/24 12:0 a.m. | 21 views

Arbitrary File Write Access in Puppet

telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise PE 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log /tmp/out.log...

CVSS 3.6 | AI score 6.7 | EPSS 0.00402
Exploits: 0 | References: 1 | Affected Software: 1

exploitpack
added 2017/10/17 12:0 a.m. | 102 views

Squid Analysis Report Generator 2.3.10 - Remote Code Execution

Exploit Title: RCE/Arbitrary file write in Squid Analysis Report Generator SARG Google Dork: inurl:sarg-php Date: 01 September 2017 Exploit Author: Pavel Suprunyuk Vendor Homepage: https://sourceforge.net/projects/sarg/ Software Link:...

AI score 8.1
Exploits: 0

Exploit DB
added 2017/10/17 12:0 a.m. | 37 views

Squid Analysis Report Generator 2.3.10 - Remote Code Execution

Exploit Title: RCE/Arbitrary file write in Squid Analysis Report Generator SARG Google Dork: inurl:sarg-php Date: 01 September 2017 Exploit Author: Pavel Suprunyuk Vendor Homepage: https://sourceforge.net/projects/sarg/ Software Link: https://sourceforge.net/projects/sarg/ Version: Tested on...

AI score 7.4
Exploits: 0