Oracle MySQL 5.5.x < 5.5.53 Multiple Vulnerabilities

Binary data 9747.prm...

CVE-2016-6140

SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591...

CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

All Windows Null-Free Shellcode - Functional Keylogger to File - 601 0x0259 bytes

All Windows Null-Free Shellcode - Functional Keylogger to File - 601 0x0259 bytes. Shellcode exploit for windows platform / ; Exploit Title: All windows null free shellcode - functional keylogger to file - 601 0x0259 bytes ; Date: Sat May 7 19:32:08 GMT 2016 ; Exploit Author: Fugu ; Vendor...

Design/Logic Flaw

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname...

The vulnerabilities of Adobe Integrated Runtime and Flash Player allow a perpetrator to circumvent access restrictions for recording files.

The vulnerability of Adobe Integrated Runtime and Flash Player is related to deficiencies in access control for files. Exploiting this vulnerability can allow a malicious actor to bypass access restrictions on file writing...

Code injection

Cisco Mobility Services Engine MSE through 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504...

eyou某服务器配置不当(存在被Getshell风险)

简要描述： eyou某服务器配置不当，存在被getshell风险 详细说明： 在已知mail.you.net web绝对路径情况下。 可使用redis写文件。getshell。 漏洞证明：...

The vulnerability of the libvdpau library, which allows a hacker to execute arbitrary files

The vulnerability of the libvdpau library is related to incorrect handling of environmental variables. Exploiting this vulnerability allows a local attacker to execute arbitrary file writing operations...

ActiveState Perl.exe x64 Client 5.20.2 - Crash (PoC)

ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC Exploit Title: ActiveState Perl.exe x64 Client Denial of Service v5.20.2 Date: 9-3-2015 Software Link:...

Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability

A vulnerability in the Command Line Interface CLI parser of Cisco Nexus Operating System NX-OS devices could allow an authenticated, local attacker to perform a privilege escalation. The vulnerability is due to improper input validation of special characters within filenames. An attacker could...

CVE-2015-3436

Zarafa Collaboration Platform (ZCP) is affected by CVE-2015-3436 due to a symlink attack on /tmp/zarafa-upgrade-lock in provider/server/ECServer.cpp. Affects ZCP before 7.1.13 and 7.2.x before 7.2.1, enabling local users to write arbitrary files. Remediation per sources: upgrade to 7.1.13 or 7.2....

CVE-2015-4155

GNU Parallel before 20150422, when using 1 --pipe, 2 --tmux, 3 --cat, 4 --fifo, or 5 --compress, allows local users to write to arbitrary files via a symlink attack on a temporary file...

CVE-2015-0665

The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0.00051 and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173...

CVE-2015-2304

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive...

Code injection

KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and consequently execute arbitrary code, via vectors involving an article...

Path traversal

rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...

CVE-2015-1193

Multiple directory traversal vulnerabilities in pax 1:20140703 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...

CVE-2015-1192

Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive...

BaoFeng-Storm-M3U

Title: BaoFeng Storm M3U File Processing Buffer Overflow Exploit CNVD-ID: CNVD-2010-00752 Author: Lufeng Li and Qingshan Li of Neusoft Corporation Download: www.baofeng.com Test: Put m3u file in roote.g. c:/ d:/,and open this m3u file file= "baofeng.m3u" junk ="\x41"795 nseh="\x61\xe8\xe1"...