
6892 matches found

ICS
added 2020/08/11 12:0 a.m. | 71 views

Yokogawa CENTUM (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Yokogawa Equipment: CENTUM Vulnerabilities: Improper Authentication, Path Traversal 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-224-01...

CVSS 9.8 | AI score 10 | EPSS 0.01587
Exploits: 0 | References: 5
Prion
added 2020/08/10 6:15 p.m. | 17 views

Code injection

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings but not access the previous profile. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects...

CVSS 4.3 | AI score 5.2 | EPSS 0.00635
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2020/08/10 5:43 p.m. | 116 views

CVE-2020-15650

CVE-2020-15650 affects Firefox ESR

CVSS 5.5 | AI score 5.1 | EPSS 0.00635
Exploits: 0 | References: 2 | Affected Software: 1
OpenVAS
added 2020/08/03 12:0 a.m. | 26 views

Libre Office Multiple Vulnerabilities (Jun 2020) - Linux

Libre Office is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

CVSS 6.5 | AI score 6.9 | EPSS 0.01944
Exploits: 0 | References: 2
OpenVAS
added 2020/07/31 12:0 a.m. | 22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2020-1796)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 8 | EPSS 0.01236
Exploits: 1 | References: 2
NVD
added 2020/07/27 2:15 p.m. | 21 views

CVE-2020-15593

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC Inter-Process Communicati...

CVSS 7.8 | AI score 7.6 | EPSS 0.00422
Exploits: 1 | References: 2
Tenable Nessus
added 2020/07/20 12:0 a.m. | 24 views

openSUSE Security Update : curl (openSUSE-2020-908)

This update for curl fixes the following issues : - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security...

CVSS 7.8 | AI score 6.6 | EPSS 0.01236
Exploits: 1 | References: 2
Tenable Nessus
added 2020/07/20 12:0 a.m. | 81 views

Amazon Linux 2 : curl (ALAS-2020-1451)

The version of curl installed on the remote host is prior to 7.61.1-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1451 advisory. command line arguments lead to local file overwrite CVE-2020-8177 Tenable has extracted the preceding description block directly fro...

CVSS 7.8 | AI score 6.8 | EPSS 0.01236
Exploits: 1 | References: 3
Amazon
added 2020/07/16 12:0 a.m. | 31 views

Medium: curl

Issue Overview: command line arguments lead to local file overwrite CVE-2020-8177 Affected Packages: curl Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

CVSS 7.8 | AI score 7.1 | EPSS 0.01236
Exploits: 1
Tenable Nessus
added 2020/07/14 12:0 a.m. | 21 views

Cisco Firepower Device Manager On-Box Software Arbitrary File Overwrite (cisco-sa-fdmfo-HvPWKxDe)

According to its self-reported version, Cisco Firepower Device Manager FDM On-Box software is affected by an arbitrary file overwrite vulnerability due to improper input validation. An authenticated, remote attacker can exploit this by uploading a malicious file to an affected device in order to...

CVSS 9 | AI score 7 | EPSS 0.01766
Exploits: 0 | References: 3
Tenable Nessus
added 2020/07/10 12:0 a.m. | 382 views

Red Hat curl local file overwrite (CVE-2020-8177) (deprecated)

This plugin has been deprecated by the RedHat distribution specific plugins 142705 and 142414. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2020/11/16. Deprecated by redhat-RHSA-2020-4599.nasl and redhat-RHSA-2020-5002.nasl. include'compat.inc'; if description scriptid138374;...

AI score 7.8 | EPSS 0.01236
Exploits: 1 | References: 3
BDU FSTEC
added 2020/07/09 12:0 a.m. | 5 views

The vulnerability of the PuTTY encryption protection mechanism, related to key management errors, allows a hacker to overwrite files in the system.

The vulnerability of the PuTTY encryption protection tool is related to key management errors. Exploiting this vulnerability could allow a malicious actor to re-record files within the system remotely...

CVSS 7.8 | AI score 7.4 | EPSS 0.02447
Exploits: 0 | References: 6 | Affected Software: 4
Tenable Nessus
added 2020/07/09 12:0 a.m. | 34 views

SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2020:1733-1)

This update for curl fixes the following issues : CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP...

CVSS 7.8 | AI score 6.7 | EPSS 0.03427
Exploits: 2 | References: 7
Tenable Nessus
added 2020/07/09 12:0 a.m. | 52 views

SUSE SLES12 Security Update : curl (SUSE-SU-2020:1732-1)

This update for curl fixes the following issues : CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. Note that Tenable Network Security has extracted the preceding description block directly from th...

CVSS 7.8 | AI score 6.6 | EPSS 0.01236
Exploits: 1 | References: 4
Tenable Nessus
added 2020/07/09 12:0 a.m. | 36 views

SUSE SLES12 Security Update : curl (SUSE-SU-2020:1735-1)

This update for curl fixes the following issues : CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. Note that Tenable Network Security has extracted the preceding description block directly from th...

CVSS 7.8 | AI score 6.6 | EPSS 0.01236
Exploits: 1 | References: 4
RedhatCVE
added 2020/07/06 2:51 p.m. | 69 views

CVE-2020-12062

The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...

CVSS 5 | AI score 7.9 | EPSS 0.02267
Exploits: 0 | References: 3
OSV
added 2020/07/05 7:48 p.m. | 7 views

MGASA-2020-0282 Updated curl packages fix security vulnerability

Updated curl packages fix security vulnerabilities: libcurl can be tricked to prepend a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS servers CVE-2020-8169. curl can be tricked by a malicious server to overwri...

CVSS 7.8 | AI score 7.6 | EPSS 0.03427
Exploits: 2 | References: 5
OpenVAS
added 2020/06/30 12:0 a.m. | 32 views

openSUSE: Security Advisory for curl (openSUSE-SU-2020:0908-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 | AI score 7.8 | EPSS 0.01236
Exploits: 1 | References: 2
OSV
added 2020/06/29 6:19 p.m. | 4 views

OPENSUSE-SU-2020:0908-1 Security update for curl

This update for curl fixes the following issues: - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option bsc1173027. This update was imported from the SUSE:SLE-15:Update update project...

CVSS 7.8 | AI score 7.8 | EPSS 0.01236
Exploits: 1 | References: 3
OSV
added 2020/06/29 12:15 p.m. | 5 views

CVE-2019-3681

An External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that c...

CVSS 9.8 | AI score 9.4
Exploits: 0 | References: 1