6886 matches found
UBUNTU-CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are prevented...
Arbitrary File Overwrite
Aspose.ZIP is vulnerable to arbitrary file overwrite attacks. The vulnerability exists through a path traversal vulnerability, which allows arbitrary file overwrite in the context of the running application...
[ASA-201901-4] systemd: multiple issues
Arch Linux Security Advisory ASA-201901-4 ========================================= Severity: Medium Date : 2019-01-08 CVE-ID : CVE-2018-6954 CVE-2018-16866 Package : systemd Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-615 Summary ======= The package systemd befor...
Microsoft Windows - Windows Error Reporting Local Privilege Escalation
Microsoft Windows - Windows Error Reporting Local Privilege Escalation Make sure to copy the file report.wer found in the folder PoC-Files in the same folder as the executable before running it... I guess I could have included it as a resource in the exe.. but whatever. Example:...
Microsoft Windows - Windows Error Reporting Local Privilege Escalation
Make sure to copy the file report.wer found in the folder PoC-Files in the same folder as the executable before running it... I guess I could have included it as a resource in the exe.. but whatever. Example: "angrypolarbearbug.exe c:\windows\system32\drivers\pci.sys" This will overwrite pci.sys...
CVE-2018-20420
In webERP 4.15, ZCreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter...
CVE-2018-20420
In webERP 4.15, the vulnerability CVE-2018-20420 stems from Z_CreateCompanyTemplateFile.php having Incorrect Access Control, enabling an attacker to overwrite an existing .sql file on the target site. This is achieved by creating a template and then using directory traversal in the TemplateName p...
OnionShare File Overwrite and Information Disclosure Vulnerability
OnionShare is an open source file encryption transfer or sharing software developed by Brazilian software developer Micah Lee. A file overwrite and information disclosure vulnerability exists in the 'debugmode' function of the web/web.py file in OnionShare 1.3.1 and earlier versions, which can be...
Design/Logic Flaw
The debugmode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshareserver.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname...
DEBIAN-CVE-2018-19960
The debugmode function in web/web.py in OnionShare through 1.3.1, when --debug is enabled, uses the /tmp/onionshareserver.log pathname for logging, which might allow local users to overwrite files or obtain sensitive information by using this pathname...
CVE-2018-19960
OnionShare up to version 1.3.1 is affected by CVE-2018-19960: its debug_mode path /tmp/onionshare_server.log for logging can allow a local attacker to overwrite files or access sensitive information. Root cause: debug logging uses a fixed pathname, enabling local path traversal/overwrite scenario...
HPE Moonshot Provisioning Manager Appliance Directory Traversal (CVE-2017-8977)
A directory traversal vulnerability exists in HPE Moonshot Provisioning Manager Appliance. The vulnerability is due to missing input validation in the serverresponse.py script. Successful exploitation could result in arbitrary file overwrite with privileges of web application process...
Xorg X11 Server (AIX) Local Privilege Escalation
Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1 Fileset: X11.base.rte 7.1.5.32 Tested on: AIX 7.1 6.x t...
RHEL 7 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1853)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1853 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform- as-a-Service PaaS solution designed for on-premise or private cloud...
Xorg X11 Server (AIX) - Local Privilege Escalation
Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1 Fileset: X11.base.rte 7.1.5.32 Tested on: AIX 7.1 6.x t...
CVE-2018-18565
CVE-2018-18565 is an Improper Access Control (CWE-284) vulnerability in Roche Diagnostics handheld medical devices (Accu-Chek Inform II Instrument and related models) where attackers in the adjacent network can change instrument configuration. Affected products include Accu-Chek Inform II Instrum...
XMPlay 3.8.3 Denial Of Service
Exploit Title: XMPlay 3.8.3 - '.m3u' Denial of Service PoC Date: 2018-11-18 Exploit Author: s7acktrac3 Vendor Homepage: https://www.xmplay.com/ Software Link: https://support.xmplay.com/filesview.php?fileid=676 Version: 3.8.3 latest Tested on: Windows XP/7/8 CVE : N/A Lauch XMPlay and either drag...
SAP Disclosure Management Arbitrary File Overwrite Vulnerability
SAP Disclosure Management is an automated financial disclosure management system. The system provides a collaborative financial disclosure process across teams, geographies, systems and data sources. An arbitrary file overwrite vulnerability exists in SAP Disclosure Management, which could be...
CVE-2018-1799
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429...
CVE-2018-1799
IBM DB2 for Linux, UNIX and Windows includes DB2 Connect Server 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429...