6892 matches found

NVD
added 2020/08/26 5:15 p.m. | 19 views

CVE-2020-3519

A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...

CVSS: 8.1 | AI score: 6.7 | EPSS: 0.00969
Exploits: 0 | References: 1
OSV
added 2020/08/26 5:15 p.m. | 4 views

CVE-2020-3519

A vulnerability in a specific REST API method of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. The vulnerability is due to insufficient validation of user-supplied input to the API. An attack...

CVSS: 8.1 | AI score: 6.4 | EPSS: 0.00969
Exploits: 0 | References: 1
OSV
added 2020/08/26 5:15 p.m. | 6 views

CVE-2020-3440

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.0262
Exploits: 0 | References: 1
Cvelist
added 2020/08/26 4:16 p.m. | 16 views

CVE-2020-3440 Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.0262
Exploits: 0 | References: 1
CVE
added 2020/08/26 4:16 p.m. | 519 views

CVE-2020-3440

CVE-2020-3440 affects Cisco Webex Meetings Desktop App for Windows. The root cause is improper validation of URL parameters sent from a website, enabling an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. Exploitation involves convincing a user to click a craf...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.0262
Exploits: 0 | References: 1 | Affected Software: 1
Vulnrichment
added 2020/08/26 4:16 p.m. | 5 views

CVE-2020-3440 Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.0262
Exploits: 0 | References: 1
CVE
added 2020/08/26 2:31 p.m. | 62 views

CVE-2020-5912

CVE-2020-5912 affects F5 BIG-IP restjavad dump command. A locally authenticated attacker may overwrite arbitrary files in several BIG-IP releases. Affected: BIG-IP 11.6.1–11.6.5.1, 12.1.0–12.1.5.1, 13.1.0–13.1.3.3, 14.1.0–14.1.2.3, 15.0.0–15.0.1.3, 15.1.0–15.1.0.4. Remediation: upgrade to non‑vul...

CVSS: 7.1 | AI score: 7 | EPSS: 0.00321
Exploits: 0 | References: 1 | Affected Software: 14
Nextcloud
added 2020/08/26 12:0 a.m. | 34 views

Message Authentication Codes calculated by the Default Encryption Module allow an attacker to silently overwrite blocks in a file (NC-SA-2020-038)

A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...

CVSS: 5 | AI score: 3.3 | EPSS: 0.00716
Exploits: 1 | Affected Software: 1
Tenable Nessus
added 2020/08/25 12:0 a.m. | 34 views

Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite (cisco-sa-webex-desktop-app-OVSfpVMj)

According to its self-reported version, Cisco Webex Meetings Desktop App for Windows is affected by a vulnerability due to improper validation of URL parameters that are sent from a website to the affected application. An unauthenticated, remote attacker can exploit this, by persuading a user to...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.0262
Exploits: 0 | References: 3
OSV
added 2020/08/22 7:27 p.m. | 7 views

MGASA-2020-0341 Updated chrony package fixes security vulnerability

Chrony's method of opening its PID file could allow a compromised chrony user account to overwrite files in certain parts of the filesystem with chrony's PID, using a symlink attack (CVE-2020-14367)...

CVSS: 6 | AI score: 5.7 | EPSS: 0.00485
Exploits: 0 | References: 3
CNVD
added 2020/08/20 12:0 a.m. | 3 views

Cisco Webex Meetings Desktop App Path Traversal Vulnerability

Cisco Webex Meetings Desktop App and Cisco Webex Meetings are both products of Cisco, Inc. Cisco Webex Meetings Desktop App is a video conferencing control application for use in a desktop environment. Cisco Webex Meetings is a video conferencing solution. A path traversal vulnerability exists in...

CVSS: 6.5 | AI score: 7 | EPSS: 0.0262
Exploits: 0 | References: 1
NCSC
added 2020/08/20 12:0 a.m. | 4 views

Vulnerability fixed in Cisco Webex Meetings

A vulnerability has been fixed in the Cisco Webex Meetings Desktop App for Windows. The vulnerability allows a malicious party to overwrite files on the end user's system. Cisco has released updates to fix the vulnerability. More information can be found on the page below:...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.0262
Exploits: 0
Cisco
added 2020/08/19 4:0 p.m. | 25 views

Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. The vulnerability is due to improper validation of URL parameters that are sent from a website to the affected application. An attack...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.0262
Exploits: 0 | References: 1
RustSec
added 2020/08/18 12:0 p.m. | 23 views

Missing sanitization in mozwire allows local file overwrite of files ending in .conf

The client software downloaded a list of servers from Mozilla's servers and created local files named after the hostname field in the JSON document. No verification of the content of the string was made, and it could therefore have included '../' leading to path traversal. This allows an attacker...

CVSS: 9.1 | AI score: 3 | EPSS: 0.01507
Exploits: 0 | Affected Software: 1
CNVD
added 2020/08/13 12:0 a.m. | 5 views

Microsoft Windows and Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2020-49358)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows and Microsoft Windows...

CVSS: 10 | AI score: 7.1 | EPSS: 0.03549
Exploits: 0 | References: 1
CNVD
added 2020/08/12 12:0 a.m. | 5 views

IBM QRadar Improper Access Control Vulnerability

IBM QRadar is an enterprise security information and event management (SIEM) product that detects anomalies, finds advanced threats, and eliminates false positives. A security vulnerability exists in IBM QRadar WinCollect versions 7.2.0 through 7.2.9 that stems from WinCollect failing to install...

CVSS: 8.1 | AI score: 6.7 | EPSS: 0.01506
Exploits: 0 | References: 1
NVD
added 2020/08/11 12:15 p.m. | 14 views

CVE-2020-4486

IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861...

CVSS: 8.1 | AI score: 7.8 | EPSS: 0.01506
Exploits: 0 | References: 2
OSV
added 2020/08/11 12:15 p.m. | 5 views

CVE-2020-4486

IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861...

CVSS: 8.1 | AI score: 7.4 | EPSS: 0.01506
Exploits: 0 | References: 2
Cvelist
added 2020/08/11 12:5 p.m. | 24 views

CVE-2020-4486

IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861...

CVSS: 8.1 | AI score: 7.7 | EPSS: 0.01506
Exploits: 0 | References: 2
CNVD
added 2020/08/11 12:0 a.m. | 3 views

Firejail OS Command Injection Vulnerability (CNVD-2020-46817)

Firejail is a SUID sandboxing program written in C. A security vulnerability exists in Firejail 0.9.62 and earlier versions. The vulnerability can be exploited to overwrite arbitrary files with the help of the '--' delimiter...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.01464
Exploits: 0 | References: 1