CVE-2015-8258

AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."...

Cisco Iox Arbitrary File Modification Vulnerability

Cisco IOx is a suite of applications from Cisco USA that provide unified hosting capabilities for Cisco's IoT network infrastructure. A security vulnerability in the web framework code in the CAF component of Cisco IOx can be exploited by remote attackers to upload malicious data messages to writ...

CVE-2017-3852

A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...

CVE-2017-5618

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...

CVE-2017-5618

GNU Screen

CVE-2017-5618

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...

Vulnerability of Mac OS X and iOS operating systems, allowing attackers to modify arbitrary files

The vulnerability of the libarchive component in Mac OS X and iOS systems is related to an incorrect definition of links before accessing files. Exploiting this vulnerability allows a malicious individual to modify arbitrary files by manipulating symlinks...

Vulnerability of Mac OS X and iOS operating systems, allowing attackers to modify arbitrary files

The vulnerability of the libarchive component in Mac OS X and iOS systems is related to an incorrect definition of the reference before accessing a file. Exploiting this vulnerability allows a remote attacker to modify any files using a specially crafted archive...

CVE-2016-5237

Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file...

CVE-2016-9210

A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to modify arbitrary files on the file system. More Information: CSCvb61698. Known Affected Releases: 11.51.11007.2. Known Fixed Releases...

CVE-2016-9210

CVE-2016-9210 affects Cisco Unified Communications Manager’s Unified Reporting Upload Tool . The vulnerability is a directory traversal flaw that allows an unauthenticated, remote attacker to plant/modify arbitrary files on the affected system by submitting a crafted POST request via the CUCM Uni...

CVE-2016-2877

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for unspecified directories under the web root, which allows local users to modify data by writing to a file...

Avast Endpoint Protection Suite Plus Sandbox Escape Security Bypass Vulnerability

Avast Endpoint Protection Suite Plus is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-5763

Vulnerability in Novell Open Enterprise Server OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update 10991, OES11 SP2 before Scheduled Maintenance Update 10989 might allow authenticated remote...

CVE-2016-5763

CVE-2016-5763 concerns a vulnerability in Novell Open Enterprise Server (OES) . Multiple OES versions (OES2015 SP1 before maintenance update 10992; OES2015 before 10990; OES11 SP3 before 10991; OES11 SP2 before 10989) are described as susceptible. Public sources indicate a file inclusion vulnerab...

SAP TREX Arbitrary File Modification Vulnerability

SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. An arbitrary file modification vulnerability exists in SAP TREX, which can be exploited by a remote attacker to read and write arbitrary files on the file system...

Server: Edit permission check not enforced on WebDAV COPY action

The WebDAV endpoint was not properly checking the permission on a WebDAV "COPY" action. This allowed an authenticated attacker with access to a read-only share to put new files in there. It was not possible to modify existing files. For more information please consult the official advisory. This...

The vulnerability of the GNU Wget download manager, which allows a hacker to modify any files at will

The vulnerability of the GNU Wget download manager is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to remotely modify any files by redirecting requests from HTTP to a specially created FTP server...

IBM Security Privileged Identity Manager Virtual Appliance Arbitrary File Modification Vulnerability

IBM Security Privileged Identity Manager is an identity management product within IBM Identity Governance and Management, an identity governance solution from IBM USA, that protects, automates, and audits the use of privileged identities to help defend against insider threats and improve security...

Vulnerability of the 1C-Bitrix web project management system: Website management that allows malicious actors to bypass access restrictions

Vulnerability of the 1C-Bitrix web project management system: Website management related to errors in the integrity control mechanism of the control scripts. Exploiting this vulnerability allows a malicious actor to manipulate the integrity check mechanism and modify files within the system witho...