CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7267 matches found

Ivanti•added 2023/07/28 3:59 p.m.•13 views

CVE-2023-35081 - Remote Arbitrary File Write

A vulnerability has been discovered in Ivanti Endpoint Manager Mobile EPMM, formerly known as MobileIron Core. This vulnerability impacts all supported versions –releases 11.10, 11.9 and 11.8. Older versions/releases are also at risk. This vulnerability is different from CVE-2023-35078, released ...

7.2CVSS7.3AI score0.63316EPSS

Exploits0

RedhatCVE•added 2023/07/27 2:54 p.m.•31 views

CVE-2023-38745

An arbitrary file write vulnerability was found in Haskell's Pandoc. This issue can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option or outputting to PDF format. This may allow an attacker to create or overwrite...

5CVSS7AI score0.00349EPSS

Exploits1References3

RedhatCVE•added 2023/07/27 2:54 p.m.•35 views

CVE-2023-35936

5CVSS5.5AI score0.00349EPSS

Exploits1References4

Veracode•added 2023/07/27 1:20 a.m.•30 views

Arbitrary File Write

pandoc is vulnerable to Arbitrary File Write. By providing a constructed picture element as input while creating files with the --extract-media option or outputting to PDF format, an arbitrary file write vulnerability may be exploited. This vulnerability affects systems that enable pandoc to outp...

6.1CVSS6.9AI score0.00349EPSS

Exploits1References6Affected Software1

SUSE CVE•added 2023/07/26 1:34 a.m.•4 views

SUSE CVE-2023-38745

Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of...

6.1CVSS7AI score0.00247EPSS

Exploits0References3

Tenable Nessus•added 2023/07/26 12:0 a.m.•599 views

Curl Arbitrary File Write 7.x >= 7.84.0 / 8.x <= 8.1.2 (CVE-2023-32001)

The version of Curl installed on the remote host is between 7.84.0 and 8.1.2. It is therefore affected by an arbitrary file write vulnerability. Curl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called stat followed by fopen in a way that made it vulnerable t...

6AI score

Exploits0References2

OpenVAS•added 2023/07/26 12:0 a.m.•11 views

Debian: Security Advisory (DLA-3507-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.3AI score0.00349EPSS

Exploits1References4

OSV•added 2023/07/25 4:15 a.m.•25 views

CVE-2023-38745

6.3CVSS7.3AI score

Exploits0References8

OSV•added 2023/07/25 4:15 a.m.•3 views

UBUNTU-CVE-2023-38745

6.3CVSS6.4AI score0.00247EPSS

Exploits0References6

UbuntuCve•added 2023/07/25 4:15 a.m.•93 views

CVE-2023-38745

6.3CVSS6.3AI score0.00247EPSS

Exploits0References5

Prion•added 2023/07/25 4:15 a.m.•26 views

Path traversal

2.6CVSS5.3AI score0.00349EPSS

Exploits1References3Affected Software2

CNNVD•added 2023/07/25 12:0 a.m.•3 views

Pandoc 安全漏洞

Pandoc is a Haskell library for converting from one markup format to another, as well as command line tools that use the library. A security vulnerability exists in Pandoc versions prior to 3.1.6, which stems from an arbitrary file write vulnerability in the extract-media function...

6.3CVSS6AI score0.00247EPSS

Exploits0References5

Cvelist•added 2023/07/25 12:0 a.m.•42 views

CVE-2023-38745

6.6AI score0.00247EPSS

Exploits0References6

Debian CVE•added 2023/07/25 12:0 a.m.•38 views

CVE-2023-38745

6.3CVSS5.9AI score0.00247EPSS

Exploits0

Vulnrichment•added 2023/07/25 12:0 a.m.•18 views

CVE-2023-38745

6.9AI score0.00247EPSS

Exploits0References6

CVE•added 2023/07/25 12:0 a.m.•102 views

CVE-2023-38745

Pandoc-era vulnerability set affects Pandoc up to 3.1.6. CVE-2023-38745: before 3.1.6, an arbitrary file write is possible when processing crafted image elements with --extract-media or PDF output, depending on process privileges. Root cause ties to an incomplete/adjusted handling of paths and do...

6.3CVSS5.7AI score0.00247EPSS

Exploits0References8Affected Software1

Tenable Nessus•added 2023/07/25 12:0 a.m.•19 views

Debian dla-3507 : libghc-pandoc-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3507 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3507-1 [email protected]...

6.3CVSS6.3AI score0.00349EPSS

Exploits1References6

Cvelist•added 2023/07/24 3:19 p.m.•27 views

CVE-2023-1386 Qemu: 9pfs: suid/sgid bits not dropped on file write

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the gue...

3.3CVSS7.6AI score0.00223EPSS

Exploits0References5

Vulnrichment•added 2023/07/24 3:19 p.m.•14 views

CVE-2023-1386 Qemu: 9pfs: suid/sgid bits not dropped on file write

3.3CVSS6.4AI score0.00223EPSS

Exploits0References5