
6886 matches found

CNVD
added 2019/10/16 12:0 a.m., 4 views

cPanel Injection Vulnerability (CNVD-2019-36141)

cPanel is a Web-based automated colocation platform from US-based cPanel. The platform is primarily used to automate the management of websites and servers. An injection vulnerability exists in cPanel versions prior to 11.54.0.4. The vulnerability stems from a lack of proper validation...

CVSS 8.1, AI score 7.3, EPSS 0.01118
Exploits: 0, References: 1
Symantec
added 2019/10/16 12:0 a.m., 23 views

Cisco TelePresence CE Software CVE-2019-15273 Multiple Arbitrary File Overwrite Vulnerabilities

Description: Cisco TelePresence Collaboration Endpoint Software is prone to multiple local arbitrary file-overwrite vulnerabilities. Successful exploits may allow an attacker to overwrite arbitrary files on the underlying file-system or cause denial-of-service conditions. These issues are being...

AI score 1.3, EPSS 0.00271
Exploits: 0, References: 1, Affected Software: 1
ATTACKERKB
added 2019/10/10 2:15 p.m., 2 views

CVE-2019-13157

nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within nsz archive...

CVSS 7.5, AI score 5.6, EPSS 0.01655
Exploits: 0, References: 2
RedhatCVE
added 2019/10/04 9:48 p.m., 8 views

CVE-2008-0806

wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.USERID temporary file...

CVSS 3.6, AI score 6.6, EPSS 0.00442
Exploits: 1, References: 3
RedhatCVE
added 2019/10/04 8:56 p.m., 20 views

CVE-2008-5704

src/unittest.c in gpsdrive aka gpsdrive-scripts 2.10pre4 might allow local users to overwrite arbitrary files via a symlink attack on the /tmp/gpsdrive-unit-test/proc temporary file, a different vector than CVE-2008-4959 and CVE-2008-5380...

CVSS 7.6, AI score 6.3, EPSS 0.01185
Exploits: 1, References: 3
OSV
added 2019/09/21 9:15 p.m., 1 view

DEBIAN-CVE-2019-16680

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction...

CVSS 4.3, AI score 5.4, EPSS 0.02132
Exploits: 1, References: 1
UbuntuCve
added 2019/09/21 12:0 a.m., 21 views

CVE-2019-16680

An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction...

CVSS 4.3, AI score 6.3, EPSS 0.02132
Exploits: 1, References: 5
Microsoft CVE
added 2019/09/10 7:0 a.m., 76 views

Windows Update Delivery Optimization Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions. An attacker who successfully exploited the vulnerability could overwrite files that require higher privileges than what the attacker already has. To explo...

CVSS 7, AI score 2.8, EPSS 0.00679
Exploits: 0
Metasploit
added 2019/09/09 5:0 p.m., 21 views

Generic Zip Slip Traversal Vulnerability

This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive...

AI score 0.3
Exploits: 0
Tenable Nessus
added 2019/09/02 12:0 a.m., 19 views

Cisco NX-OS Software Arbitrary File Overwrite Vulnerability

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software. An authenticated, local attacker can exploit the vulnerability to overwrite any file on the file system...

CVSS 6.7, AI score 6.5, EPSS 0.00227
Exploits: 0, References: 4
NVD
added 2019/08/26 1:15 p.m., 14 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

CVSS 7.5, AI score 7.5, EPSS 0.01676
Exploits: 0, References: 1
OSV
added 2019/08/26 1:15 p.m., 15 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

CVSS 7.5, AI score 7.1
Exploits: 0, References: 1
Prion
added 2019/08/26 1:15 p.m., 11 views

Design/Logic Flaw

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

CVSS 6.4, AI score 7.4, EPSS 0.01676
Exploits: 0, References: 1, Affected Software: 1
UbuntuCve
added 2019/08/26 1:15 p.m., 20 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

CVSS 7.5, AI score 7.1, EPSS 0.01676
Exploits: 0, References: 2
Cvelist
added 2019/08/26 12:39 p.m., 15 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

AI score 7.5, EPSS 0.01676
Exploits: 0, References: 1
CVE
added 2019/08/26 12:39 p.m., 67 views

CVE-2018-20990

CVE-2018-20990 affects the tar crate for Rust (pre-0.4.16). The issue is that arbitrary file overwrite can occur via a symlink or hardlink inside a TAR archive, representing a path traversal-like risk when unpacking archives. The available documents identify the vulnerable component and the under...

CVSS 7.5, AI score 7.3, EPSS 0.01676
Exploits: 0, References: 1, Affected Software: 1
Debian CVE
added 2019/08/26 12:39 p.m., 15 views

CVE-2018-20990

An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive...

CVSS 7.5, AI score 7.4, EPSS 0.01676
Exploits: 0
CNVD
added 2019/08/22 12:0 a.m., 2 views

Cisco Enterprise Network Functions Virtualization Infrastructure Software Input Validation Error Vulnerability

Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) is Linux-based infrastructure software from Cisco. The software is mainly used for designing, deploying and managing network services and dynamically deploying virtualized network functions on supported Cisco...

CVSS 6.5, AI score 7, EPSS 0.0157
Exploits: 0, References: 1
Prion
added 2019/08/21 7:15 p.m., 15 views

Input validation

A vulnerability in Cisco Enterprise Network Functions Virtualization Infrastructure Software (NFVIS) could allow an authenticated, remote attacker with administrator privileges to overwrite files on the underlying operating system (OS) of an affected device. The vulnerability is due to improper input...

CVSS 5.5, AI score 6.6, EPSS 0.0157
Exploits: 0, References: 1, Affected Software: 1
Tenable Nessus
added 2019/08/20 12:0 a.m., 25 views

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:2181-1)

This update for nodejs6 fixes the following issues: CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter (bsc1140290). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

CVSS 7.5, AI score 7.9, EPSS 0.02781
Exploits: 0, References: 4