
6886 matches found

Prion
added 2019/08/02 2:15 p.m. | 17 views

Design/Logic Flaw

cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update SEC-303...

CVSS 3.6 | AI score 5.6 | EPSS 0.00297
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2019/08/02 1:53 p.m. | 27 views

CVE-2017-18416

cPanel before 67.9999.103 allows arbitrary file-overwrite operations during a Roundcube SQLite schema update SEC-303...

AI score 5.7 | EPSS 0.00297
Exploits 0 | References 1
NVD
added 2019/08/01 4:15 p.m. | 19 views

CVE-2016-10848

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...

CVSS 9 | AI score 7 | EPSS 0.01448
Exploits 0 | References 2
NVD
added 2019/08/01 4:15 p.m. | 14 views

CVE-2016-10845

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable SEC-78...

CVSS 8.1 | AI score 8.1 | EPSS 0.01118
Exploits 0 | References 1
OSV
added 2019/08/01 4:15 p.m. | 3 views

CVE-2016-10848

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...

CVSS 7.2 | AI score 5.9
Exploits 0 | References 2
OSV
added 2019/08/01 4:15 p.m. | 2 views

CVE-2016-10845

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable SEC-78...

CVSS 8.1 | AI score 5.9 | EPSS 0.01118
Exploits 0 | References 1
Prion
added 2019/08/01 4:15 p.m. | 12 views

Design/Logic Flaw

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable SEC-78...

CVSS 6.5 | AI score 7.2 | EPSS 0.01118
Exploits 0 | References 1 | Affected Software 1
Prion
added 2019/08/01 4:15 p.m. | 19 views

Design/Logic Flaw

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...

CVSS 9 | AI score 7.2 | EPSS 0.01448
Exploits 0 | References 2 | Affected Software 1
CVE
added 2019/08/01 3:39 p.m. | 43 views

CVE-2016-10845

CVE-2016-10845 affects cPanel prior to 11.54.0.4. The issue is an arbitrary file-overwrite in scripts/check_system_storable (SEC-78) due to improper input handling/validation. Impact is partial confidentiality, integrity, and availability per CVSS2/3 data; exploitation details are not provided in...

CVSS 8.1 | AI score 8 | EPSS 0.01118
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2019/08/01 3:39 p.m. | 16 views

CVE-2016-10845

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/check_system_storable SEC-78...

AI score 8.1 | EPSS 0.01118
Exploits 0 | References 1
Cvelist
added 2019/08/01 3:26 p.m. | 27 views

CVE-2016-10848

cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck SEC-81...

AI score 7.1 | EPSS 0.01448
Exploits 0 | References 1
CVE
added 2019/08/01 3:26 p.m. | 38 views

CVE-2016-10848

CVE-2016-10848 affects cPanel prior to 11.54.0.4, allowing arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). The issue is documented across multiple sources (NVD, Red Hat advisory) with a high impact rating (C/V: high; A: high) and network attack vector. The provided materials d...

CVSS 9 | AI score 7 | EPSS 0.01448
Exploits 0 | References 2 | Affected Software 1
RedHat Linux
added 2019/07/31 7:26 p.m. | 3 views

icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite

It was found that icedtea-web was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox...

CVSS 8.6 | AI score 5.8 | EPSS 0.04022
Exploits 0 | References 4
RedHat Linux
added 2019/07/31 7:26 p.m. | 0 views

icedtea-web: path traversal while processing <jar/> elements of JNLP files results in arbitrary file overwrite

It was found that icedtea-web did not properly sanitize paths from elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user...

CVSS 8.2 | AI score 5.8 | EPSS 0.02743
Exploits 0 | References 4
OSV
added 2019/07/31 4:37 p.m. | 7 views

SUSE-SU-2019:2033-1 Security update for icedtea-web

This update for icedtea-web to version 1.7.2 fixes the following issues: Security issues fixed: - CVE-2019-10181: Fixed an unsigned code injection in a signed JAR file bsc1142835 - CVE-2019-10182: Fixed a path traversal while processing elements of JNLP files results in arbitrary file overwrite...

CVSS 8.6 | AI score 8.5 | EPSS 0.04022
Exploits 0 | References 7
NVD
added 2019/07/29 8:15 p.m. | 10 views

CVE-2019-14418

An issue was discovered in Veritas Resiliency Platform VRP before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existi...

CVSS 9.1 | AI score 8.9 | EPSS 0.04123
Exploits 0 | References 3
Prion
added 2019/07/29 8:15 p.m. | 15 views

Directory traversal

An issue was discovered in Veritas Resiliency Platform VRP before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existi...

CVSS 6.5 | AI score 8.6 | EPSS 0.04123
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2019/07/29 7:6 p.m. | 16 views

CVE-2019-14418

An issue was discovered in Veritas Resiliency Platform VRP before 3.4 HF1. When uploading an application bundle, a directory traversal vulnerability allows a VRP user with sufficient privileges to overwrite any file in the VRP virtual machine. A malicious VRP user could use this to replace existi...

CVSS 9.1 | AI score 8.7 | EPSS 0.04123
Exploits 0 | References 3
CVE
added 2019/07/29 7:6 p.m. | 48 views

CVE-2019-14418

Summary: CVE-2019-14418 affects Veritas Resiliency Platform (VRP) before 3.4 HF1. A directory traversal flaw during application bundle uploads lets a VRP user with sufficient privileges overwrite any file in the VRP VM, potentially enabling full VM takeover. Affected software: Veritas Resiliency ...

CVSS 9.1 | AI score 8.6 | EPSS 0.04123
Exploits 0 | References 3 | Affected Software 1
Tenable Nessus
added 2019/07/29 12:0 a.m. | 28 views

Debian DSA-4489-1 : patch - security update

Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed. This update includes a bugfix for a regression introduced by the patch to address...

CVSS 9.3 | AI score 6.9 | EPSS 0.0556
Exploits 0 | References 9