Lucene search
K

6887 matches found

CNVD
CNVD
added 2020/04/16 12:0 a.m.3 views

Microsoft Visual Studio Privilege Mobilization Vulnerability (CNVD-2020-24130)

Microsoft Visual Studio is a family of development tool suites from Microsoft and a largely complete set of development tools that includes most of the tools needed throughout the software lifecycle. A lift vulnerability exists in Microsoft Visual Studio that stems from a failure of the Updater...

5.5CVSS6.6AI score0.0076EPSS
Exploits0
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

Microsoft Windows Defender Antimalware Platform Elevation of Privilege Vulnerability

Microsoft Windows Defender Antimalware Platform is a suite of anti-malware platforms from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender Antimalware Platform, which stems from the program's inability to handle hard-coded links. An attacker could exploit the...

7.8CVSS6.8AI score0.00856EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.3 views

Microsoft Windows Connected User Experiences and Telemetry Service elevation of privilege vulnerability (CNVD-2020-32585)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system.Connected User Experiences and Telemetry Service is one of the components that can...

7.1CVSS7.2AI score0.00737EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/15 12:0 a.m.3 views

SAP Netweaver Path Traversal Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A path traversal vulnerability exists in SAP NetWeaver Knowledge Management, which results from the program...

9.1CVSS7AI score0.01107EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/04/14 3:38 p.m.2 views

buildah: Crafted input tar file may lead to local file overwrite during image build process

A path traversal flaw was found in Buildah. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTPs server and then write files to the user's system anywhere that the user has permissions...

9.3CVSS7.3AI score0.02603EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2020/04/14 7:0 a.m.109 views

OneDrive for Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status. To exploit this vulnerability, an attacker would...

5.5CVSS2.4AI score0.00719EPSS
Exploits0
CNVD
CNVD
added 2020/04/13 12:0 a.m.2 views

Vastgota-Data ProVide Path Traversal Vulnerability

Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A security vulnerability exists in ajax/ImportCertificate in Vastgota-Data ProVide 13.1 and earlier versions. An attacker can exploit the vulnerability to load an arbitrary certificate in...

9.8CVSS6.9AI score0.00908EPSS
Exploits1References1
NVD
NVD
added 2020/04/12 3:15 a.m.21 views

CVE-2020-11705

An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...

9.8CVSS9.4AI score0.00908EPSS
Exploits1References2
CVE
CVE
added 2020/04/12 2:43 a.m.106 views

CVE-2020-11705

The CVE-2020-11705 issue affects ProVide (formerly zFTPServer)

9.8CVSS9.3AI score0.00908EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2020/04/10 1:3 a.m.29 views

Arbitrary File Overwrite

php is vulnerable to arbitrary file overwrite. The vulnerability exists as an off-by-one flaw was found in PHP. If an attacker uploaded a file with a specially-crafted file name it could cause a PHP script to attempt to write a file to the root / directory. By default, PHP runs as the "apache"...

6.4CVSS1.8AI score0.19235EPSS
Exploits1References24Affected Software1
Veracode
Veracode
added 2020/04/10 12:59 a.m.23 views

Arbitrary File Overwrite

gcc is vulnerable to arbitrary file overwrite. The vulnerability exists through two directory traversal flaws were found in the way fastjar extracted JAR archive files. If a local, unsuspecting user extracted a specially-crafted JAR file, it could cause fastjar to overwrite arbitrary files writab...

2.6CVSS3.4AI score0.03365EPSS
Exploits1References14Affected Software1
Veracode
Veracode
added 2020/04/10 12:59 a.m.18 views

Arbitrary File Overwrite

gcc is vulnerable to arbitrary file overwrite. The vulnerability exists through two directory traversal flaws were found in the way fastjar extracted JAR archive files. If a local, unsuspecting user extracted a specially-crafted JAR file, it could cause fastjar to overwrite arbitrary files writab...

5.8CVSS3.4AI score0.03681EPSS
Exploits1References18Affected Software1
Veracode
Veracode
added 2020/04/10 12:41 a.m.27 views

Arbitrary File Overwrite

fence is vulnerable to arbitrary file overwrite. The pservershutdown function in fenceegenera allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...

6.9CVSS5.4AI score0.00711EPSS
Exploits0References19Affected Software2
Veracode
Veracode
added 2020/04/10 12:38 a.m.22 views

File Overwrite

firefox is vulnerable to file overwrite. The vulnerability exists as a flaw was found in the way Firefox creates temporary file names for downloaded files. If a local attacker knows the name of a file Firefox is going to download, they can replace the contents of that file with arbitrary contents...

7.5CVSS3AI score0.01981EPSS
Exploits0References10Affected Software3
Veracode
Veracode
added 2020/04/10 12:36 a.m.23 views

Arbitrary File Overwrite

cman is vulnerable to arbitrary file overwrites. The vulnerability exists as multiple insecure temporary file use flaws were found in fenceapcsnmp and ccstool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with th...

6.9CVSS2.8AI score0.0039EPSS
Exploits0References25Affected Software3
Veracode
Veracode
added 2020/04/10 12:31 a.m.17 views

Arbitrary File Overwrite

openswan is vulnerable to arbitrary file overwrite. The vulnerability exists as Openswan's livetest script created temporary files in an insecure manner. A local attacker could use this flaw to overwrite arbitrary files owned by the user running the script...

4.4CVSS2.5AI score0.01115EPSS
Exploits6References17Affected Software1
Veracode
Veracode
added 2020/04/10 12:28 a.m.28 views

Arbitrary File Overwrite

xen is vulnerable to arbitrary file overwrite. The vulnerability exists as it was discovered that the qemu-dm.debug script created a temporary file in /tmp in an insecure way. A local attacker in Dom0 could, potentially, use this flaw to overwrite arbitrary files via a symlink attack...

6.9CVSS3.3AI score0.00319EPSS
Exploits0References11Affected Software1
Veracode
Veracode
added 2020/04/10 12:23 a.m.15 views

Arbitrary File Overwrite

setroubleshoot is vulnerable to arbitrary file overwrite. The vulnerability exists as a flaw was found in the way sealert wrote diagnostic messages to a temporary file. A local unprivileged user could perform a symbolic link attack, and cause arbitrary files, writable by other users, to be...

4.4CVSS4.5AI score0.00301EPSS
Exploits0References9Affected Software1
Veracode
Veracode
added 2020/04/10 12:18 a.m.26 views

Arbitrary File Overwrite

tar is vulnerable to arbitrary file overwrite. The vulnerability exists as a path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access...

6.8CVSS2.9AI score0.02743EPSS
Exploits1References40Affected Software1
Veracode
Veracode
added 2020/04/10 12:14 a.m.28 views

Arbitrary File Overwrite

coolkey is vulnerable to arbitrary file overwrite. A local attacker could perform a symlink attack and cause arbitrary files to be overwritten...

3.3CVSS3.4AI score0.00301EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder