6886 matches found
SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:2078-1)
This update for nodejs4 fixes the following issues : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2019:2055-1)
This update for nodejs8 fixes the following issues : Security issue fixed : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: Backported fixes for OpenSSL 1.1.1 from nodejs8 bsc1134209. Note that Tenable Network Security has...
SUSE-SU-2019:2099-1 Security update for nodejs10
This update for nodejs10 to version 10.16.0 fixes the following issues: Security issue fixed: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: - Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...
Arbitrary File Overwrite
keepalived is vulnerable to arbitrary file overwrite. The vulnerability exists as there is an improper pathname validation that allows for overwrite of arbitrary filenames via symlinks...
Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability (CNVD-2019-38857)
Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A path traversal vulnerability exists in the CLI for Cisco Enterprise NFV...
CVE-2016-10804
The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...
CVE-2016-10804
The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...
Design/Logic Flaw
The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...
CVE-2016-10804
The CVE-2016-10804 issue affects cPanel prior to 57.9999.54, where the SQLite journal feature can cause arbitrary file overwrites during Horde Restore (SEC-58). Root cause: misuse of the SQLite journal leads to write operations to arbitrary files. Impact (per sources): High, with potential confid...
CVE-2016-10804
The SQLite journal feature in cPanel before 57.9999.54 allows arbitrary file-overwrite operations during Horde Restore SEC-58...
SUSE-SU-2019:2078-1 Security update for nodejs4
This update for nodejs4 fixes the following issues: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290...
Unspecified vulnerability in cPanel (CNVD-2019-27418)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 62.0.17. An attacker can exploit the vulnerability to arbitrarily...
cPanel Input Validation Error Vulnerability (CNVD-2019-27604)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 60.0.25. An attacker can exploit the vulnerability to arbitrarily...
Unspecified vulnerability in cPanel (CNVD-2019-27420)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 60.0.25. An attacker can exploit the vulnerability to overwrite...
SUSE-SU-2019:2055-1 Security update for nodejs8
This update for nodejs8 fixes the following issues: Security issue fixed: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: - Backported fixes for OpenSSL 1.1.1 from nodejs8 bsc1134209...
cPanel Input Validation Error Vulnerability (CNVD-2019-27606)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. An input validation error vulnerability exists in cPanel versions prior to 62.0.17. An attacker can exploit the...
CVE-2016-10768
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades SEC-161...
CVE-2016-10768
cPanel before 60.0.25 allows file-overwrite operations during preparation for MySQL upgrades SEC-161...
CVE-2016-10770
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update SEC-164...
CVE-2016-10770
cPanel before 60.0.25 allows arbitrary file-overwrite operations during a Roundcube update SEC-164...