CVE-2018-7102

HPE Intelligent Management Center (iMC) PLAT E0506P09 contains a directory traversal vulnerability in the imciccdm component (function createFabricAutoCfgFile). The issue arises from insufficient filtering of user-supplied paths before file operations, enabling remote attackers to modify or creat...

CVE-2018-16597

An issue was discovered in the Linux kernel where an incorrect access check in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

CVE-2018-16597

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

CVE-2018-16597

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)

/ Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o polyhostsshellcode -z execstack -fno-stack-protector polyhostsshellcode.c / / Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51 pus...

Linux/86 - File Modification (/etc/hosts 127.1.1.1 google.com) + Polymorphic Shellcode (99 bytes)

Linux/86 - File Modification /etc/hosts 127.1.1.1 google.com + Polymorphic Shellcode 99 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o...

CVE-2018-12163

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access...

CVE-2018-12163

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access...

Design/Logic Flaw

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access...

CVE-2018-12163

Intel IoT Developers Kit 4.0 installer contains a DLL-injection vulnerability that could allow an authenticated local user to escalate privileges by modifying files during install. Affected: Intel IoT Developers Kit 4.0 and earlier. Root cause: DLL injection in the installer process enabling priv...

CVE-2018-12163

A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access...

CVE-2018-16715

The CVE-2018-16715 entry concerns Absolute Software CTES Windows Agent (up to 1.0.0.1479). Root cause: security permissions on %ProgramData%\CTES and subfolders allow write access by low-privilege users. Impact: this enables unauthorized replacement of service executables (EXE) or DLLs and modifi...

CVE-2018-15486

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02...

CVE-2018-15486

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02...

Open redirect

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02...

CVE-2018-15486

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02...

CVE-2018-15486

The CVE-2018-15486 entry concerns KONE Group Controller (KGC) devices prior to version 4.6.5. The vulnerability enables Una uthenticated Local File Inclusion and file modification via the open HTTP interface by altering the name parameter of the file endpoint (aka KONE-02). This could impact conf...

KONE KGC 4.6.4 - Multiple Vulnerabilities

KONE KGC versions 4.6.4 and below suffer from unauthenticated remote code execution, denial of service, local file inclusion, and missing FTP access control vulnerabilities. Vulnerabilities in KONEs Group Controller KGC -------------------------------------------------------------------------...

[SECURITY] [DSA 4285-1] sympa security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4285-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 05, 2018 https://www.debian.org/security/faq -...

HPE Moonshot Provisioning Manager Local Arbitrary File Modification Vulnerability

HPE Moonshot Provisioning Manager is an application for managing HPE Moonshot systems from Hewlett Packard Enterprise HPE. A local arbitrary file modification vulnerability exists in HPE Moonshot Provisioning Manager versions prior to 1.24, which can be exploited by a local attacker to modify...