2678 matches found

Positive Technologies
added 2024/02/22 12:0 a.m. · 5 views

PT-2024-18219 · Unknown · Tie Secure Relay

Name of the Vulnerable Software and Affected Versions: TIE Secure Relay, affected versions not specified
Description: A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could modify application files on the TIE Secure Relay host, which could allow for...

7.3 CVSS · 7 AI score · 0.0031 EPSS
Exploits 0 · References 6
BDU FSTEC
added 2024/02/14 12:0 a.m. · 4 views

A vulnerability in the official interface for developing container applications in Plone Docker allows an attacker to modify or delete files.

The vulnerability of the official Plone Docker image for container applications lies in the absence of a mechanism to prevent unintended modifications to resources during request processing. Exploiting this vulnerability could allow an attacker to gain access to modify or delete files using PUT a...

5.5 CVSS · 7.2 AI score · 0.00602 EPSS
Exploits 1 · References 5
Positive Technologies
added 2024/02/06 12:0 a.m. · 5 views

PT-2024-20474 · Allegro Ai · Clearml

Name of the Vulnerable Software and Affected Versions: Allegro AI's ClearML platform, affected versions not specified
Description: The issue is related to a lack of authentication in the fileserver component, allowing a remote attacker to access, create, modify, and delete files without proper...

9.8 CVSS · 9.2 AI score · 0.00981 EPSS
Exploits 1 · References 6
NVD
added 2024/02/02 1:15 a.m. · 16 views

CVE-2023-50327

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5.3 CVSS · 5.5 AI score · 0.00492 EPSS
Exploits 0 · References 2
Prion
added 2024/02/02 1:15 a.m. · 15 views

Design/Logic Flaw

IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to perform unauthorized file request modification. IBM X-Force ID: 275109...

5 CVSS · 6.7 AI score · 0.00492 EPSS
Exploits 0 · References 2 · Affected Software 1
CVE
added 2024/02/02 1:0 a.m. · 45 views

CVE-2023-50327

CVE-2023-50327 affects IBM PowerSC 1.3, 2.0, and 2.1. The vulnerability arises from the use of insecure HTTP methods, which could allow a remote attacker to modify unauthorized file requests. Affected components/filesets include powerscStd.uiServer, powerscStd.uiAgent, and powerscMFA.server (rang...

5.3 CVSS · 5.1 AI score · 0.00492 EPSS
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2024/02/01 12:0 a.m. · 5 views

PT-2024-13904 · Ibm · Ibm Powersc

Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1
Description: The issue is related to the use of insecure HTTP methods, which could allow a remote attacker to perform unauthorized file request modification.
Recommendations: For versions 1.3 through 2.1,...

5.3 CVSS · 5 AI score · 0.00492 EPSS
Exploits 0 · References 6
Kitploit
added 2024/01/31 11:30 a.m. · 14 views

Stompy - Timestomp Tool To Flatten MAC Times With A Specific Timestamp

A PowerShell function to perform timestomping on specified files and directories. The function can modify timestamps recursively for all files in a directory. Change timestamps for individual files or directories. Recursively apply timestamps to all files in a directory. Option to use specific...

7.4 AI score
Exploits 0 · References 6
Prion
added 2024/01/30 8:15 p.m. · 19 views

Design/Logic Flaw

An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files...

5 CVSS · 7.2 AI score · 0.00779 EPSS
Exploits 0 · References 2
Vulnrichment
added 2024/01/30 8:0 p.m. · 2 views

CVE-2023-5389

An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files...

9.1 CVSS · 7.2 AI score · 0.00779 EPSS
Exploits 0 · References 2
CVE
added 2024/01/30 8:0 p.m. · 67 views

CVE-2023-5389

Honeywell CVE-2023-5389 affects Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. The vulnerability involves use of a dangerous method/function in the Configuration Handler that could allow an attacker to modify files, potentially causing configuration changes or malicious code execu...

9.1 CVSS · 7.5 AI score · 0.00779 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2024/01/30 8:0 p.m. · 19 views

CVE-2023-5389

An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files...

9.1 CVSS · 9.3 AI score · 0.00779 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/01/30 12:0 a.m. · 3 views

PT-2024-1408 · Honeywell · Honeywell Experion Controledge Virtualuoc +1

Name of the Vulnerable Software and Affected Versions: Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC, affected versions not specified
Description: The issue is related to the use of dangerous methods or functions in the Configuration Handler component of the Honeywell Experion...

9.1 CVSS · 7 AI score · 0.00779 EPSS
Exploits 0 · References 11
GithubExploit
added 2024/01/27 7:4 p.m. · 55 views

Exploit for Code Injection in Ispyconnect Agent_Dvr

CVE-2024-22514: Remote Code Execution in Agent DVR Informa...

8.8 CVSS · 9.5 AI score · 0.01401 EPSS
Exploits 1
NVD
added 2024/01/24 6:15 p.m. · 23 views

CVE-2024-23900

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by...

4.3 CVSS · 4.8 AI score · 0.00691 EPSS
Exploits 0 · References 2
NVD
added 2024/01/19 4:15 a.m. · 23 views

CVE-2023-5716

ASUS Armoury Crate has an arbitrary file write vulnerability that allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission...

9.8 CVSS · 9.6 AI score · 0.00634 EPSS
Exploits 0 · References 1
Gentoo Linux
added 2024/01/15 12:0 a.m. · 30 views

KTextEditor: Arbitrary Local Code Execution

Background: Framework providing a full text editor component for KDE.
Description: A vulnerability has been discovered in KTextEditor. Please review the CVE identifiers referenced below for details.
Impact: KTextEditor executes binaries without user interaction in a few cases, e.g. KTextEditor will...

7.8 CVSS · 7.2 AI score · 0.00881 EPSS
Exploits 0
CVE
added 2023/12/13 12:0 a.m. · 36 views

CVE-2023-50442

The CVE-2023-50442 entry concerns PRIMX ZONECENTRAL (through version 2023.5) where a local attacker with sufficient privileges can modify encrypted folders to temporarily exclude specific file types from encryption. The underlying issue is a local-privilege scenario that enables altering encrypti...

5.5 CVSS · 5.4 AI score · 0.00127 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2023/11/23 7:15 a.m. · 3 views

CVE-2023-43086

Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside the installation folder during application upgrade, leading to privilege escalation...

7.8 CVSS · 5.8 AI score
Exploits 0 · References 1
Prion
added 2023/11/23 7:15 a.m. · 11 views

Improper access control

Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside the installation folder during application upgrade, leading to privilege escalation...

4.3 CVSS · 7.1 AI score · 0.00219 EPSS
Exploits 0 · References 1 · Affected Software 1