Lucene search
K

6886 matches found

OSV
OSV
added 2020/04/08 7:15 p.m.6 views

CVE-2020-1991

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect...

7.1CVSS7.1AI score0.00266EPSS
Exploits0References1
Prion
Prion
added 2020/04/08 7:15 p.m.17 views

Design/Logic Flaw

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect...

3.6CVSS6.8AI score0.00266EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/08 2:5 a.m.24 views

CVE-2020-6828

The Mozilla Foundation Security Advisory describes this flaw as: A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to...

7.5CVSS3.1AI score0.01471EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/04/08 12:0 a.m.36 views

Mozilla Firefox Security Advisories (MFSA2020-12, MFSA2020-13) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS7.6AI score0.01905EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2020/04/07 12:0 a.m.54 views

KLA11726 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Out of bounds write vulnerability in GMPDecodeData can be...

9.8CVSS9.2AI score0.01905EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2020/04/06 10:58 a.m.16 views

CVE-2019-13173

fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The fstream.DirWriter function is...

7.5CVSS1.6AI score0.02781EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/04/03 2:9 a.m.48 views

CVE-2019-16777

Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of...

7.7CVSS1.7AI score0.01984EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2020/04/02 1:59 p.m.30 views

CVE-2018-20834

A flaw was found in nodejs-tar in versions prior to 4.4.2. An arbitrary file overwrite can occur when extracting tarballs containing a hard-link to a file that already exists in the system. Further, a file that matches the hard-link may overwrite the system's files with the contents of the...

8.8CVSS3.3AI score0.03145EPSS
Exploits1References2
CNVD
CNVD
added 2020/03/26 12:0 a.m.3 views

Arbitrary File Overwrite Vulnerability in Motrix Windows Version

Motrix is an open-source, free, all-in-one downloader with a very clean and minimalist interface. An arbitrary file overwrite vulnerability exists in the Windows version of Motrix, which can be exploited by attackers to compromise the integrity of a system...

7AI score
Exploits0
OSV
OSV
added 2020/03/23 4:15 p.m.5 views

CVE-2020-9759

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

7.8CVSS9.5AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/03/23 4:15 p.m.31 views

CVE-2020-9759

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

9.3CVSS7.1AI score0.00487EPSS
Exploits1References5
Prion
Prion
added 2020/03/23 4:15 p.m.17 views

Design/Logic Flaw

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

9.3CVSS8.6AI score0.00487EPSS
Exploits1References2
OSV
OSV
added 2020/03/23 4:15 p.m.2 views

UBUNTU-CVE-2020-9759

A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...

7.8CVSS7.1AI score0.00487EPSS
Exploits1References6
CVE
CVE
added 2020/03/23 3:36 p.m.91 views

CVE-2020-9759

CVE-2020-9759 affects WeeChat (IRC client). A crafted IRC message 352 (who) can cause a crash, per multiple advisories (Debian DLA-2157-1, GLSA-202003-51, USN-5258-1). Root cause: malformed channel/ IRC message handling leading to a crash; impact is denial of service via client crash. Remediation...

9.3CVSS6.8AI score0.00487EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2020/03/18 7:15 p.m.15 views

CVE-2019-12124

An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected...

9.1CVSS9.2AI score0.01163EPSS
Exploits1References1
OSV
OSV
added 2020/03/18 7:15 p.m.4 views

CVE-2019-12124

An issue was discovered in ONAP APPC before Dublin. By using an exposed unprotected Jolokia interface, an unauthenticated attacker can read or overwrite an arbitrary file. All APPC setups are affected...

9.1CVSS7.4AI score0.01163EPSS
Exploits1References1
CVE
CVE
added 2020/03/18 5:20 p.m.56 views

CVE-2019-12124

ONAP APPC (pre-Dublin) is affected by CVE-2019-12124. An exposed unprotected Jolokia interface allows an unauthenticated attacker to read or overwrite an arbitrary file, affecting all APPC deployments. The connected sources confirm the root cause as an exposed Jolokia interface without authentica...

9.1CVSS9.1AI score0.01163EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/03/09 4:15 p.m.19 views

Arbitrary file deletion

An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system...

8.5CVSS6.5AI score0.01593EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/27 8:45 p.m.20 views

CVE-2020-3830

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files...

5.3AI score0.00326EPSS
Exploits0References1
NVD
NVD
added 2020/02/27 5:15 p.m.23 views

CVE-2019-5326

An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component...

7.2CVSS7.2AI score0.01936EPSS
Exploits0References1
Rows per page
Query Builder