Lucene search
K

7280 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/04 12:0 a.m.5 views

Cisco Unified Computing System Unrestricted Upload of File with Dangerous Type (CVE-2017-12332)

A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations. The vulnerability is due to insufficient restrictions in the patch installation process. An attacker could exploit this vulnerability by installin...

4.9CVSS5.2AI score0.00325EPSS
Exploits0References7
OSV
OSV
added 2024/12/03 6:15 a.m.2 views

CVE-2024-49421

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location...

4.3CVSS5.9AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/03 5:48 a.m.12 views

CVE-2024-49421

Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location...

4.3CVSS7.1AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2024/12/03 5:48 a.m.47 views

CVE-2024-49421

CVE-2024-49421 describes a path traversal flaw in Samsung Quick Share Agent. Affected: Android 12 (before 3.5.14.47), Android 13 (before 3.5.19.41), Android 14 (before 3.5.19.42). Root cause: improper validation of user-supplied path leading to arbitrary file writes. Impact: adjacent attackers co...

4.3CVSS4.8AI score0.00352EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2024/12/01 6:38 a.m.2 views

Directory Traversal

Overview preqs is an A simple and fast requirements.txt file generator. Affected versions of this package are vulnerable to Directory Traversal due to improper path sanitization in the ArgParser.sanitisepath method. An attacker could manipulate the PATH argument to traverse directories using ".."...

6.9CVSS7.6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/23 12:0 a.m.4 views

PT-2024-10123

The issue is related to rsync, a software package used for synchronizing files across different locations. A path traversal flaw was discovered in rsync when the --safe-links option is used. This flaw allows an attacker to write files arbitrarily outside the intended directory due to rsync's...

9.8CVSS7.2AI score0.72059EPSS
Exploits8References135
OSV
OSV
added 2024/11/22 10:15 p.m.3 views

CVE-2024-7243

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS6.2AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 10:15 p.m.3 views

CVE-2024-7241

Panda Security Dome Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.8CVSS7.4AI score0.00337EPSS
Exploits0References1
0day.today
0day.today
added 2024/11/21 12:0 a.m.130 views

Judge0 Sandbox Escape Exploit

Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS7.8AI score0.07211EPSS
Exploits2
NVD
NVD
added 2024/11/18 8:15 p.m.22 views

CVE-2024-51499

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the updatefiles method of the SubmissionsController allows authenticated users e.g. students to write arbitrary files to any location...

8.8CVSS0.00696EPSS
Exploits0References2
NVD
NVD
added 2024/11/18 8:15 p.m.23 views

CVE-2024-51743

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location on the web server...

8.8CVSS0.00723EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/18 8:4 p.m.9 views

CVE-2024-51743 Arbitrary File Write leading up to remote code execution (instructor accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location on the web server...

7.1CVSS7.7AI score0.00723EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/18 8:4 p.m.13 views

CVE-2024-51743 Arbitrary File Write leading up to remote code execution (instructor accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location on the web server...

7.1CVSS0.00723EPSS
Exploits0References2
CVE
CVE
added 2024/11/18 8:4 p.m.53 views

CVE-2024-51743

CVE-2024-51743 affects MarkUs up to version 2.4.8, where an arbitrary file-write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write files to locations on the server. The underlying issue can lead to delayed remote code execution if a Ru...

8.8CVSS8.9AI score0.00723EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/11/18 8:4 p.m.3 views

CVE-2024-51743 Arbitrary File Write leading up to remote code execution (instructor accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability in the update/upload/create file methods in Controllers allows authenticated instructors to write arbitrary files to any location on the web server...

7.1CVSS7.9AI score0.00723EPSS
Exploits0References4
CVE
CVE
added 2024/11/18 7:52 p.m.55 views

CVE-2024-51499

CVE-2024-51499 (MarkUs) : Affected software is MarkUs web app (Rails) versions before 2.4.8. The root cause is an arbitrary file write vulnerability exposed through the SubmissionsController.update_files method, allowing authenticated users (e.g., students) to write files to arbitrary server path...

8.8CVSS7.3AI score0.00696EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/11/18 7:52 p.m.22 views

CVE-2024-51499 MarkUs Arbitrary File Write leading up to remote code execution (student accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the updatefiles method of the SubmissionsController allows authenticated users e.g. students to write arbitrary files to any location...

7.1CVSS0.00696EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/18 7:52 p.m.21 views

CVE-2024-51499 MarkUs Arbitrary File Write leading up to remote code execution (student accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the updatefiles method of the SubmissionsController allows authenticated users e.g. students to write arbitrary files to any location...

7.1CVSS7.9AI score0.00696EPSS
Exploits0References2
OSV
OSV
added 2024/11/18 7:52 p.m.5 views

CVE-2024-51499 MarkUs Arbitrary File Write leading up to remote code execution (student accounts)

MarkUs is a web application for the submission and grading of student assignments. In versions prior to 2.4.8, an arbitrary file write vulnerability accessible via the updatefiles method of the SubmissionsController allows authenticated users e.g. students to write arbitrary files to any location...

7.1CVSS8AI score0.00696EPSS
Exploits0References4
NVD
NVD
added 2024/11/18 10:15 a.m.13 views

CVE-2024-41973

A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to an arbitrary file writes with root privileges...

8.1CVSS0.00605EPSS
Exploits0References1
Rows per page
Query Builder