6891 matches found

OSV
added 2020/06/04 6:15 p.m. | 3 views

CVE-2020-13833

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The system area allows arbitrary file overwrites via a symlink attack. The Samsung ID is SVE-2020-17183 June 2020...

CVSS 9.1 | AI score 7.4 | EPSS 0.00461
Exploits: 0 | References: 1

CNVD
added 2020/06/04 12:00 a.m. | 8 views

Cisco IOx Application Framework Backlink Vulnerability

Cisco IOx is an application environment from Cisco (USA) that combines Cisco IOS and the Linux OS for secure network connectivity and the development of IoT applications. A backlink vulnerability exists in Cisco IOx Application Framework versions prior to 1.9.0, which arises from a...

CVSS 6.3 | AI score 6.4 | EPSS 0.00351
Exploits: 0 | References: 1

Prion
added 2020/06/03 6:15 p.m. | 18 views

Design/Logic Flaw

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

CVSS 4.6 | AI score 6.1 | EPSS 0.00351
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2020/06/03 5:55 p.m. | 10 views

CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

CVSS 6.3 | AI score 6.6 | EPSS 0.00351
Exploits: 0 | References: 1

Cvelist
added 2020/06/03 5:55 p.m. | 24 views

CVE-2020-3237 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction...

CVSS 6.3 | AI score 6.2 | EPSS 0.00351
Exploits: 0 | References: 1

NVD
added 2020/06/01 7:15 p.m. | 22 views

CVE-2019-15709

An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI...

CVSS 8.5 | AI score 6.5 | EPSS 0.01328
Exploits: 0 | References: 1

Prion
added 2020/06/01 4:15 p.m. | 1017 views

Design/Logic Flaw

The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...

CVSS 5 | AI score 6.3 | EPSS 0.02267
Exploits: 0 | References: 4 | Affected Software: 1

Debian CVE
added 2020/06/01 3:28 p.m. | 54 views

CVE-2020-12062

The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...

CVSS 7.5 | AI score 7.9 | EPSS 0.02267
Exploits: 0

CVE
added 2020/06/01 3:28 p.m. | 8373 views

CVE-2020-12062

CVE-2020-12062 affects the OpenSSH scp client (OpenSSH 8.2). The issue arises when a utimes system call fails, causing the scp client to send duplicate responses to the server. A malicious unprivileged user on the remote server can leverage this to overwrite arbitrary files in the client’s downlo...

CVSS 7.5 | AI score 7.4 | EPSS 0.02267
Exploits: 0 | References: 4 | Affected Software: 1

CNVD
added 2020/05/29 12:00 a.m. | 3 views

Dell Dock Firmware Update Utilities Code Issue Vulnerability

Dell Dock Firmware Update Utilities is a firmware update utility for Dell Docking Station from Dell USA. A code issue vulnerability exists in the Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations. A local attacker could exploit this vulnerability by...

CVSS 7.1 | AI score 6.9 | EPSS 0.00253
Exploits: 0 | References: 1

NVD
added 2020/05/28 8:15 p.m. | 17 views

CVE-2020-5357

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time...

CVSS 7.1 | AI score 6.8 | EPSS 0.00253
Exploits: 0 | References: 1

OSV
added 2020/05/28 8:15 p.m. | 3 views

CVE-2020-5357

Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time...

CVSS 6 | AI score 6.4 | EPSS 0.00253
Exploits: 0 | References: 1

CVE
added 2020/05/28 7:20 p.m. | 114 views

CVE-2020-5357

CVE-2020-5357: Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The flaw is exploitable during the administrator execution window via a symlink attack by a locally authenticated, low-privileged user, en...

CVSS 7.1 | AI score 5.9 | EPSS 0.00253
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 2020/05/25 12:00 a.m. | 22 views

Cisco Firepower Management Center File Overwrite (cisco-sa-fmcai-z5dQObVN)

A file overwrite vulnerability exists in the web UI of Cisco Firepower Management Center due to insufficient input validation. An authenticated, remote attacker can exploit this by sending crafted input to the web UI in order to overwrite files on the file system of the affected device. Please see t...

CVSS 8.5 | AI score 7 | EPSS 0.01748
Exploits: 0 | References: 3

CNVD
added 2020/05/20 12:00 a.m. | 9 views

Kata Containers Access Control Error Vulnerability

Kata Containers is an open source lightweight virtual machine builder from the Kata Containers community. An Access Control Error vulnerability exists in Kata Containers versions prior to 1.11.0 on Cloud Hypervisor, which can be exploited by an attacker to overwrite an image file and take control...

CVSS 8.8 | AI score 6.7 | EPSS 0.00313
Exploits: 0 | References: 1

Tenable Nessus
added 2020/05/20 12:00 a.m. | 41 views

Ansible Tower 3.6.x =< 3.6.3 Archive Traversal Arbitrary File Overwrite Vulnerability

The version of Ansible Tower running on the remote web server is 3.6.x equal or prior to 3.6.3. It is, therefore, affected by an archive traversal arbitrary file overwrite vulnerability when extracting tar.gz archives.

CVSS 5.2 | AI score 7.4 | EPSS 0.00358
Exploits: 0 | References: 3

CNVD
added 2020/05/19 12:00 a.m. | 2 views

Micro Star Dragon Center Security Vulnerability

Micro Star Dragon Center is an application for management and control of MSI components, desktop systems, and peripherals from Micro Star Technology (Micro Star) of Taiwan, China. A security vulnerability exists in the "C:\%PROGRAMDATA\%MSIDragon Center" folder of Micro Star Dragon Center version...

CVSS 7.8 | AI score 6.8 | EPSS 0.00449
Exploits: 1 | References: 1

Prion
added 2020/05/18 8:15 p.m. | 17 views

Directory traversal

Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allow local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary...

CVSS 4.6 | AI score 7.5 | EPSS 0.00449
Exploits: 1 | References: 1 | Affected Software: 1

Source Incite
added 2020/05/18 12:00 a.m. | 26 views

SRC-2020-0027 : Microsoft Exchange Server NewExchangeCertificate WriteRequest File Overwrite Denial of Service Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to cause a denial of service against affected installations of Exchange Server. Authentication with the “Exchange Server Certificates” role is required to exploit this vulnerability. The specific flaw exists within the processing o...

CVSS 6.2 | AI score 6.8 | EPSS 0.03365
Exploits: 1

Tenable Nessus
added 2020/05/12 12:00 a.m. | 272 views

RHEL 7 : buildah (RHSA-2020:2116)

The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2116 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

CVSS 9.3 | AI score 6.5 | EPSS 0.02603
Exploits: 1 | References: 7