Oracle Linux 9 : nano (ELSA-2024-9430)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9430 advisory. 5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237 Tenable has extracted the preceding description block directly from the Oracle Linux security...
nano security update
5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237...
PT-2024-16656 · Rockwell Automation · Rockwell Automation
Name of the Vulnerable Software and Affected Versions: Rockwell Automation products affected versions not specified Description: A Local Privilege Escalation issue exists in the affected product, requiring a local, low-privileged threat actor to replace certain files during an update. This issue...
Rockwell Automation FactoryTalk Updater Security Vulnerability
Rockwell Automation FactoryTalk Updater is a secure tool from Rockwell Automation, Inc. for managing Rockwell Automation software versions and activations on networked computers. A security vulnerability exists in Rockwell Automation FactoryTalk Updater versions prior to v4.20.00, which stems fro...
CVE-2024-30117
A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances...
CVE-2024-30117
CVE-2024-30117 (HCL BigFix Platform) is a DLL hijack vulnerability where a dynamic search for a prerequisite library could allow an attacker to replace the correct file under certain conditions. Connected sources indicate affected versions on BigFix Server: 9.5.x prior to 9.5.25, 10.0.x prior to ...
PT-2024-23193 · Hcl +1 · Bigfix Platform
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. The issue...
HCL BigFix Platform Security Vulnerability
HCL BigFix Platform is a suite of endpoint security management platforms from HCL Corporation, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that stems from the fact that a dynamic...
nano security update
2.9.8-3 - fix incomplete backport of the fix for the emergency file replacement vulnerability RHEL-35236 2.9.8-2 - fix emergency file replacement vulnerability RHEL-35236...
Oracle Linux 8 : nano (ELSA-2024-6986)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6986 advisory. 2.9.8-3 - fix incomplete backport of the fix for the emergency file replacement vulnerability RHEL-35236 2.9.8-2 - fix emergency file replacement vulnerability...
CVE-2024-40547
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace...
CVE-2024-40547
PublicCMS v4.0.202302.e contains an arbitrary file content replacement vulnerability reachable via the /admin/cmsTemplate/replace endpoint. Affects the PublicCMS 4.0.202302.e release; root cause details describe arbitrary file content replacement through the specified API. Impact is privacy/integ...
PT-2024-28912 · Publiccms · Publiccms
Name of the Vulnerable Software and Affected Versions: PublicCMS version 4.0.202302.e Description: The issue allows for arbitrary file content replacement via the /admin/cmsTemplate/replace API endpoint. Recommendations: For PublicCMS version 4.0.202302.e, consider restricting access to the...
CVE-2024-2747
CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine...
Fedora 39 : nano (2024-8abde32a6e)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8abde32a6e advisory. fix emergency file replacement vulnerability Resolves: rhbz2277586 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 40 : nano (2024-93f31f5de6)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-93f31f5de6 advisory. fix emergency file replacement vulnerability Resolves: rhbz2277586 Tenable has extracted the preceding description block directly from the Fedora security...
The vulnerability of Check Point Endpoint Security for Windows, a comprehensive security solution for network endpoints, allows an attacker to replace arbitrary files in the system and execute arbitrary code.
The vulnerability of Check Point Endpoint Security for Windows, a comprehensive security solution for network endpoints, is related to an improper definition of symbolic links before accessing files. Exploiting this vulnerability allows an attacker to replace arbitrary files in the system and...
GL.iNet AR300M v4.3.7 Arbitrary File Read - CVE-2023-46455 Exploit
#!/usr/bin/env python3 Exploit Title: GL.iNet = 4.3.7 Arbitrary File Write Google Dork: intitle:"GL.iNet Admin Panel" Date: XX/11/2023 Exploit Author: Michele 'cyberaz0r' Di Bonaventura Vendor Homepage: https://www.gli-net.com Software Link:...
Improper Access Control
Kinto Attachment is vulnerable to Improper Access Control. The vulnerability is due to improper access control where the attachment file of an existing record can be replaced if the user has "read" permission on one of the parent...