2676 matches found
CVE-2012-3808
Samsung Kies before 2.5.0.120942711 has arbitrary file modification...
Design/Logic Flaw
Samsung Kies before 2.5.0.120942711 has arbitrary file modification...
CVE-2012-3808
CVE-2012-3808 concerns Samsung Kies. The connected docs confirm a vulnerability class of Arbitrary File Modification in Kies versions prior to 2.5.0.12094_27_11, caused by insecure operations in the CmdAgentLib/CmdAgent dlls (ICommandAgent interface) used by Kies’ firmware update component. The a...
CVE-2012-3808
Samsung Kies before 2.5.0.120942711 has arbitrary file modification...
CVE-2019-6854
A CWE-287: Improper Authentication vulnerability exists in a folder within EcoStruxure Geo SCADA Expert ClearSCADA -with initial releases before 1 January 2019- which could cause a low privilege user to delete or modify database, setting or certificate files. Those users must have access to the...
CVE-2019-6854
CVE-2019-6854 concerns an improper authentication vulnerability in EcoStruxure Geo SCADA Expert (ClearSCADA). The issue is located in a folder within the product and, if exploited by a low-privilege user who has OS filesystem access, could allow deletion or modification of database, settings, or ...
CVE-2019-6854
A CWE-287: Improper Authentication vulnerability exists in a folder within EcoStruxure Geo SCADA Expert ClearSCADA -with initial releases before 1 January 2019- which could cause a low privilege user to delete or modify database, setting or certificate files. Those users must have access to the...
CVE-2019-19695
A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 v9.0.1379 and below could potentially allow an attacker to create a symbolic link to a target file and modify it...
Trend Micro Antivirus for Mac power lifting vulnerability (CNVD-2020-03732)
Trend Micro Antivirus for Mac is a set of antivirus software based on Mac platform from Trend Micro. A boost vulnerability exists in Trend Micro Antivirus for Mac 2019 9.0.1379 and earlier versions, which can be exploited by an attacker to create a symbolic link to a target file and modify the fi...
The vulnerability of the iphlpsvc.dll library in the Windows operating system allows a hacker to elevate their privileges and modify arbitrary files.
The vulnerability of the iphlpsvc.dll library in the Windows operating system is related to errors during file creation. Exploiting this vulnerability can allow attackers to enhance their privileges and modify arbitrary files using a specially created application...
CVE-2019-7194
CVE-2019-7194 is a QNAP Photo Station path-traversal vulnerability (external control of file name/path) that allows remote access to or modification of files. Affected: QNAP Photo Station (versions 5.2.11, 5.4.9, 5.7.10, and 6.0.3 or earlier). Impact per sources: remote access/modification of sys...
CVE-2019-7195
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
PT-2019-6063 · Qnap · Qnap Photo Station
Name of the Vulnerable Software and Affected Versions: QNAP Photo Station affected versions not specified Description: The issue allows remote attackers to access or modify system files due to an external control of file name or path vulnerability. This vulnerability is related to incorrect...
QNAP Photo Station Multiple Vulnerabilities (NAS-201911-25)
QNAP Photo Station is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
The vulnerability of the DIGSI 5 software and SIPROTEC 5 devices lies in the insufficient validation of input data. This allows attackers to obtain, modify, and delete files within the system.
The vulnerability of the DIGSI 5 software and the SIPROTEC 5 devices is related to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to obtain, modify, and delete files in certain parts of the system by sending specially crafted packets to port 443/TC...
WordPress orbisius-child-theme-creator plugin arbitrary file modification vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. orbisius-child-theme-creator is a child theme builder plugin used in it. An arbitrary file modification vulnerability exists in the...
CVE-2015-9456
The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisiusctcthemeeditorajax&subcmd=savefile theme1, theme1file, or theme1filecontents parameter...
Design/Logic Flaw
The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisiusctcthemeeditorajax&subcmd=savefile theme1, theme1file, or theme1filecontents parameter...
CVE-2015-9456
The CVE concerns the WordPress plugin “orbisius-child-theme-creator” (before version 1.2.8). The issue is incorrect access control on file modification via wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file with parameters theme_1, theme_1_file, or theme_1_file_conten...
Design/Logic Flaw
Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact...