6892 matches found
CVE-2020-3519
A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
CVE-2020-3519
A vulnerability in a specific REST API method of Cisco Data Center Network Manager DCNM Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...
CVE-2020-3440
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...
CVE-2020-3440 Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...
CVE-2020-3440
CVE-2020-3440 affects Cisco Webex Meetings Desktop App for Windows. The root cause is improper validation of URL parameters sent from a website, enabling an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. Exploitation involves convincing a user to click a craf...
CVE-2020-3440 Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...
CVE-2020-5912
CVE-2020-5912 affects F5 BIG-IP restjavad dump command. A locally authenticated attacker may overwrite arbitrary files in several BIG-IP releases. Affected: BIG-IP 11.6.1–11.6.5.1, 12.1.0–12.1.5.1, 13.1.0–13.1.3.3, 14.1.0–14.1.2.3, 15.0.0–15.0.1.3, 15.1.0–15.1.0.4. Remediation: upgrade to non‑vul...
Message Authentication Codes calculated by the Default Encryption Module allow an attacker to silently overwrite blocks in a file (NC-SA-2020-038)
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite (cisco-sa-webex-desktop-app-OVSfpVMj)
According to its self-reported version, Cisco Webex Meetings Desktop App for Windows is affected by a vulnerability due to improper validation of URL parameters that are sent from a website to the affected application. An unauthenticated, remote attacker can exploit this, by persuading a user to...
MGASA-2020-0341 Updated chrony package fixes security vulnerability
Chrony's method of opening its PID file could allow a compromised chrony user account to overwrite files in certain parts of the filesystem with chrony's PID, using a symlink attack CVE-2020-14367...
Cisco Webex Meetings Desktop App Path Traversal Vulnerability
Cisco Webex Meetings Desktop App and Cisco Webex Meetings are both products of Cisco, Inc.Cisco Webex Meetings Desktop App is a video conferencing control application for use in a desktop environment.Cisco Webex Meetings is a video conferencing solution. A path traversal vulnerability exists in...
Vulnerability fixed in Cisco Webex Meetings
A vulnerability has been fixed in the Cisco Webex Meetings Desktop App for Windows. The vulnerability allows a malicious party to to overwrite files on the end user's system. Cisco has released updates to fix the vulnerability. More information can be found on the page below:...
Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability
A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...
Missing sanitization in mozwire allows local file overwrite of files ending in .conf
The client software downloaded a list of servers from mozilla's servers and created local files named after the hostname field in the json document. No verification of the content of the string was made, and it could therefore have included '../' leading to path traversal. This allows an attacker...
Microsoft Windows and Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2020-49358)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows and Microsoft Windows...
IBM QRadar Improper Access Control Vulnerability
IBM QRadar is an enterprise security information and event management SIEM product that detects anomalies, finds advanced threats, and eliminates false positives. A security vulnerability exists in IBM QRadar Wincollect versions 7.2.0 through 7.2.9 that stems from WinCollect failing to install...
CVE-2020-4486
IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861...
CVE-2020-4486
IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861...
CVE-2020-4486
IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861...
Firejail OS Command Injection Vulnerability (CNVD-2020-46817)
Firejail is a SUID sandboxing program written in C. A security vulnerability exists in Firejail 0.9.62 and earlier versions. The vulnerability can be exploited to overwrite arbitrary files with the help of the '--' delimiter...