CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6876 matches found

Kaspersky•added 2015/07/20 12:0 a.m.•49 views

KLA10641 Multiple vulnerabilities in HP System Management Homepage

Multiple serious vulnerabilities have been found in HP System Management Homepage. Malicious users can exploit remotely these vulnerabilities to cause a denial of service, execution of arbitrary code, unauthorized modifications and access, disclosure of information and CSRF cross-site request...

6CVSS7.6AI score0.00924EPSS

Exploits0References3

Zero Day Initiative•added 2015/07/14 12:0 a.m.•116 views

Adobe Reader ARMSvc Elevation of Privilege Vulnerability

This vulnerability allows local attackers to elevate privileges on vulnerable installations of Adobe Reader. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ARMSvc service. An attacker can force the service to overwrite the Adobe updater with any...

6.9CVSS6.2AI score0.0107EPSS

Exploits0References1

Tenable Nessus•added 2015/07/08 12:0 a.m.•30 views

Scientific Linux Security Update : abrt on SL6.x i386/x86_64 (20150707)

It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. CVE-2015-3315 It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to...

7.8CVSS6.2AI score0.04815EPSS

Exploits4References7

RedHat Linux•added 2015/07/07 8:39 a.m.•2 views

abrt: does not validate contents of uploaded problem reports

It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other...

6.5CVSS5.9AI score0.01075EPSS

Exploits0References4

CNVD•added 2015/07/02 12:0 a.m.•2 views

Apple MAC OS X kextd Symbolic Link Arbitrary File Overwrite Vulnerability

Apple Mac OS X is a commercial operating system. Apple Mac OS X kextd suffers from a symbolic link vulnerability that allows attackers to run malicious applications and overwrite arbitrary files...

8.8CVSS6.8AI score0.01615EPSS

Exploits0References1

OSV•added 2015/06/22 11:50 p.m.•2 views

USN-2651-1 patch vulnerabilities

Jakub Wilk discovered that GNU patch did not correctly handle file paths in patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. CVE-2010-4651 László...

7.8CVSS6.9AI score0.11199EPSS

Exploits1References6

CNVD•added 2015/06/17 12:0 a.m.•2 views

Tanium Arbitrary File Overwrite Vulnerability

Tanium is an endpoint protection and management platform. An arbitrary file overwrite vulnerability exists in Tanium, which allows attackers to exploit the vulnerability to corrupt system files and conduct denial-of-service attacks...

7AI score

Exploits0References1

RedHat Linux•added 2015/06/11 1:21 p.m.•8 views

OpenJDK: jar directory traversal issues (Tools, 8064601)

A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted...

5.8CVSS6.7AI score0.03608EPSS

Exploits0References5

RedHat Linux•added 2015/06/09 7:48 p.m.•4 views

abrt: does not validate contents of uploaded problem reports

6.5CVSS5.9AI score0.01075EPSS

Exploits0References4

Japan Vulnerability Notes•added 2015/06/03 5:59 a.m.•1 views

"Open Explorer Beta" App for Android vulnerable to directory traversal

Overview "Open Explorer Beta" App for Android provided by brandroid.org contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with t...

6.4CVSS6.9AI score0.01883EPSS

Exploits0References5

RedHat Linux•added 2015/05/20 6:36 p.m.•3 views

jar: directory traversal vulnerability

5CVSS5.8AI score0.06717EPSS

Exploits1References4

CNVD•added 2015/05/11 12:0 a.m.•3 views

Docker Insecure File Descriptor Handling Elevation of Privilege Vulnerability

Docker is an open-source application container engine that allows developers to package their applications, along with dependency packages, into a portable container and then distribute it to any popular Linux machine, also enabling virtualization. Docker's handling of container redistribution...

7.2CVSS6.7AI score0.00609EPSS

Exploits0References1

RedHat Linux•added 2015/04/20 2:27 p.m.•4 views

OpenJDK: jar directory traversal issues (Tools, 8064601)

5.8CVSS6.7AI score0.03608EPSS

Exploits0References5

RedHat Linux•added 2015/04/20 2:27 p.m.•2 views

jar: directory traversal vulnerability

5CVSS5.8AI score0.06717EPSS

Exploits1References4

Packet Storm•added 2015/04/19 12:0 a.m.•60 views

ADB Backup Traversal / File Overwrite

ADB backup archive path traversal file overwrite ------------------------------------------------ Using adb one can create a backup of his/her Android device and store it on the PC. The backup archive is based on the tar file format. By modifying tar headers to contain ../../ like patterns it is...

1.6CVSS0.5AI score0.01074EPSS

Exploits6