152 matches found
Cisco Enterprise NFV Infrastructure Software File Overwrite Vulnerability
Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A file overwrite vulnerability exists in Cisco Enterprise NFV Infrastructure...
CVE-2019-3681
An External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that c...
SUSE-SU-2020:1773-1 Security update for curl
This update for curl fixes the following issues: - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027...
Important: container-tools:rhel8 security update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Crafted input tar file may lead to local file overwrite during image build process CVE-2020-10696 For more details about the security issues, including the...
CVE-2019-1422
An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423...
SUSE-SU-2019:2181-1 Security update for nodejs6
This update for nodejs6 fixes the following issues: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290...
SUSE-SU-2019:2078-1 Security update for nodejs4
This update for nodejs4 fixes the following issues: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290...
CVE-2018-1799
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429...
SUSE-SU-2017:1865-1 Security update for cryptctl
This update for cryptctl fixes an issue that could have allowed a malicious administrator to craft RPC requests to overwrite files outside of key database. bsc1041963 / CVE-2017-9270...
[SECURITY] [DLA 690-1] tar security update
Package : tar Version : 1.26+dfsg-0.1+deb7u1 CVE ID : CVE-2016-6321 Debian Bug : 842339 A vulnerability has been discovered in the tar package that could allow an attacker to overwrite arbitrary files through crafted files. For Debian 7 "Wheezy", these problems have been fixed in version...
VMware ESX sudo Package Multiple Vulnerabilities (VMSA-2013-0007) (remote check)
The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of sudo : - An unspecified flaw exists in the sudo package related to the Network Matching Mechanism that is triggered when parsing IPv4 netmask...
Low: ntp
Issue Overview: As discussed upstream http://support.ntp.org/bin/view/Main/SecurityNoticeJune2015NTPSecurityVulnerabi, a flaw was found in the way ntpd processed certain remote configuration packets. Note that remote configuration is disabled by default in NTP. CVE-2015-5146 It was found that the...
openSUSE Security Update : patch (openSUSE-SU-2015:0199-1)
This update fixes the following security issue : + Security fix for a directory traversal flaw when handling git-style patches. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch. boo913678 CVE-2015-1196 This update fixes the following issues : + When ...
CA Internet Security Suite - 'UmxEventCli.dll' ActiveX Control Arbitrary File Overwrite Vulnerability
source: http://www.securityfocus.com/bid/29406/info A Computer Associates Internet Security Suite ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control...
SAMBA 2.0.7 SWAT Symlink Vulnerability (1)
source: http://www.securityfocus.com/bid/1872/info The Samba software suite is a collection of programs that implements the SMB protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes...
Junsoft JSparm 4.0 Logging Output File Vulnerability
source: http://www.securityfocus.com/bid/2515/info JSparm is the Junsoft Performance Analysis Report Maker package. This software package provides an enhanced perfmon performance monitoring package and interface, as well as a performance report generation...
MGASA-2014-0033 Updated hplip package fixes security vulnerabilities
It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. CVE-2013-6402 It was discovered that HPLIP contained an upgrade tool that would download code in an unsafe fashion. If a remote attacker...
CVE-2013-6402
base/pkit.py in HP Linux Imaging and Printing HPLIP through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file...
Centrify Deployment Manager v2.1.0.283 File Overwrite Vulnerability
Centrify Deployment Manager version 2.1.0.283 appears to suffer from a root-level file overwrite vulnerability due to an insecure use of /tmp. While at a training session for Centrify, I noticed poor handling of files in /tmp. I was able to...
CVE-2012-2103
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names...