CVE-2016-5253

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link...

CVE-2016-5253

The Updater in Mozilla Firefox before 48.0 on Windows allows local users to write to arbitrary files via vectors involving the callback application-path parameter and a hard link...

CVE-2016-5253

Mozilla Firefox updater on Windows (pre-48.0) is affected. The Updater can be abused via the callback application-path parameter and a hard link to write arbitrary files (local privilege escalation). A fix is to upgrade to Firefox 48.0 or later; apply vendor advisories for the exact patched versi...

CVE-2016-6232

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ dot dot slash in a filename in an archive file, related to KNewsstuff downloads...

Libupnp Arbitrary File Write Vulnerability

libupnp is a portable open source provides an API and open source code UPnP development toolkit . A security vulnerability exists in libupnp. A remote attacker can exploit this vulnerability to read and write arbitrary files on the file system...

CVE-2016-3992

cronic before 3 allows local users to write to arbitrary files via a symlink attack on a 1 cronic.out.$$, 2 cronic.err.$$, or 3 cronic.trace.$$ file in /tmp...

CVE-2016-3992

CVE-2016-3992 affects cronic prior to version 3, enabling local users to write arbitrary files via a symlink attack against cronic.out.$$, cronic.err.$$, or cronic.trace.$$ in /tmp. Root cause: symlink manipulation in temporary files. Practical impact: local privilege or data tampering risk with ...

CVE-2016-3992

cronic before 3 allows local users to write to arbitrary files via a symlink attack on a 1 cronic.out.$$, 2 cronic.err.$$, or 3 cronic.trace.$$ file in /tmp...

UBUNTU-CVE-2016-6232

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ dot dot slash in a filename in an archive file, related to KNewsstuff downloads...

Arbitrary File Write Vulnerability on Server Side of NJ MAGAPP Products

MAGAPP is a forum mobile client management system developed for local urban communities, including iOS, Android cell phone, PC management system, independent Discuz and multi-platform sharing components, able to dock the urban community website database and run independently on the local...

Race condition

Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System...

The vulnerability of the Security SiteProtector System, a website security protection system, allows a hacker to write arbitrary files.

The vulnerability of the Security SiteProtector System’s security protection mechanism exists due to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability allows a malicious actor to remotely write arbitrary files...

ALPINE-CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

CVE-2016-4971

CVE-2016-4971 affects GNU Wget prior to 1.18. The issue occurs when following an HTTP redirect to an FTP resource: the filename provided by the server is trusted, which can cause wget to overwrite a local file with a name from the redirected resource. This could potentially allow arbitrary file o...

RockLoader SQL Injection / Shell Upload

Exploit Title: RockLoader aka Bart Malware SQLi and shell file upload Date: 27-06-2016 Software Link Leak: https://github.com/colocation/RockLoader-source Exploit Author: Danail Velev Contact: ICQ: 209030 / [email protected] Website: http://colocation.bg/ Category: webapps / malware / private...

CVE-2016-1435

Cisco 8800 phones with software 11.01 do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014...

Gemalto Sentinel License Manager 18.0.1 Directory Traversal

Gemalto Sentinel License Manager 18.0.1 Directory Traversal Vulnerability Vendor: Gemalto NV | SafeNet, Inc Product web page: http://www.gemalto.com | http://www.safenet-inc.com Affected version: 18.0.1.55505 Summary: The Sentinel License Manager enforces and manages licensing in multi-user...

Gemalto Sentinel License Manager 18.0.1.55505 - Directory Traversal

Exploit for windows platform in category web applications Gemalto Sentinel License Manager 18.0.1 Directory Traversal Vulnerability Vendor: Gemalto NV | SafeNet, Inc Product web page: http://www.gemalto.com | http://www.safenet-inc.com Affected version: 18.0.1.55505 Summary: The Sentinel License...