7265 matches found

OSV
added 2023/01/20 9:26 a.m. | 7 views

SUSE-SU-2023:0117-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...

CVSS 7.8 | AI score 7.8 | EPSS 0.55367
Exploits 20 | References 4

OSV
added 2023/01/20 9:26 a.m. | 4 views

SUSE-SU-2023:0116-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...

CVSS 7.8 | AI score 7.8 | EPSS 0.55367
Exploits 20 | References 4

OSV
added 2023/01/20 9:23 a.m. | 6 views

SUSE-SU-2023:0115-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

CVSS 7.8 | AI score 7.8 | EPSS 0.55367
Exploits 20 | References 3

OSV
added 2023/01/20 9:23 a.m. | 3 views

SUSE-SU-2023:0114-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

CVSS 7.8 | AI score 7.8 | EPSS 0.55367
Exploits 20 | References 3

OpenVAS
added 2023/01/20 12:0 a.m. | 15 views

SUSE: Security Advisory (SUSE-SU-2023:0101-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 9 | EPSS 0.55367
Exploits 20 | References 4

OpenVAS
added 2023/01/20 12:0 a.m. | 18 views

SUSE: Security Advisory (SUSE-SU-2023:0100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 9 | EPSS 0.55367
Exploits 20 | References 4

OSV
added 2023/01/19 11:13 a.m. | 2 views

SUSE-SU-2023:0101-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

CVSS 7.8 | AI score 7.8 | EPSS 0.55367
Exploits 20 | References 3

OSV
added 2023/01/19 9:27 a.m. | 4 views

SUSE-SU-2023:0100-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

CVSS 7.8 | AI score 7.8 | EPSS 0.55367
Exploits 20 | References 3

OSV
added 2023/01/18 12:15 a.m. | 3 views

CVE-2022-46660

An unauthorized user could alter or write files with full control over the path and content of the file...

CVSS 6.5 | AI score 5.8
Exploits 0 | References 2

Tenable Nessus
added 2023/01/13 12:0 a.m. | 75 views

Auth0 JsonWebtoken < 9.0.0 Arbitrary File Write (deprecated)

This plugin has been deprecated because CVE-2022-23529 has been rejected, and this is no longer considered a vulnerability %NASLMINLEVEL 80900 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/02/24. Deprecated because the associated CVE was rejected. This is no longer considered a...

AI score 6.8
Exploits 0 | References 2

Tenable Nessus
added 2023/01/13 12:0 a.m. | 20 views

Cisco TelePresence CE Arbitrary File Write (cisco-sa-roomos-trav-beFvCcyu)

According to its self-reported version, Cisco TelePresence Collaboration Endpoint Software is affected by an arbitrary file write vulnerability. Due to improper access controls on files that are in the local system, a local attacker can place a symbolic link in a specific location in the...

CVSS 7.1 | AI score 7.2 | EPSS 0.00194
Exploits 0 | References 3

RedHat Linux
added 2023/01/12 4:49 p.m. | 1 views

jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin

A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...

CVSS 7.5 | AI score 6.2 | EPSS 0.01456
Exploits 0 | References 5

Huntr
added 2023/01/11 1:34 a.m. | 28 views

Froxlor 2.0.6 Remote Command Execution via Arbitrary File Write and Server Side Template Injection

Description Froxlor 2.0.6 Stable is suffering from Remote Command Execution that was achieved by chaining two bugs, the first one is an arbitrary file write on the logging feature, which allows an authenticated attacker to point the log file to any writable path even if it was the web server...

CVSS 6.5 | AI score 9.3 | EPSS 0.97653
Exploits 8 | References 1

Positive Technologies
added 2023/01/10 12:0 a.m. | 3 views

PT-2023-1605

Name of the Vulnerable Software and Affected Versions Windows versions prior to the January 2023 Patch Tuesday Description The issue is related to the implementation of the NT LAN Manager NTLM protocol in Windows operating systems, which is associated with insufficient access restrictions...

CVSS 7.8 | AI score 8.3 | EPSS 0.02517
Exploits 1 | References 31

UbuntuCve
added 2023/01/09 5:15 p.m. | 20 views

CVE-2022-4884

Path-Traversal in MKP storing in Tribe29 Checkmk =2.0.0p32 and = 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file...

CVSS 4.9 | AI score 6 | EPSS 0.00485
Exploits 0 | References 1

RedHat Linux
added 2023/01/06 8:12 a.m. | 7 views

jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin

A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...

CVSS 7.5 | AI score 6.2 | EPSS 0.01456
Exploits 0 | References 5

NVD
added 2023/01/03 9:15 p.m. | 10 views

CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item...

CVSS 8.1 | AI score 8.1 | EPSS 0.00805
Exploits 1 | References 1

OSV
added 2023/01/03 9:15 p.m. | 11 views

CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item...

CVSS 8.1 | AI score 7
Exploits 0 | References 1

CVE
added 2023/01/03 12:0 a.m. | 69 views

CVE-2022-36943

CVE-2022-36943 : SSZipArchive (versions 2.5.3 and older) has an arbitrary file write vulnerability due to lack of sanitization for symlink paths. Opening a malicious ZIP that contains a symlink as the first item can cause SSZipArchive to overwrite arbitrary files on the filesystem. The available ...

CVSS 8.1 | AI score 8 | EPSS 0.00805
Exploits 1 | References 1 | Affected Software 1

Vulnrichment
added 2023/01/03 12:0 a.m. | 9 views

CVE-2022-36943

SSZipArchive versions 2.5.3 and older contain an arbitrary file write vulnerability due to lack of sanitization on paths which are symlinks. SSZipArchive will overwrite files on the filesystem when opening a malicious ZIP containing a symlink as the first item...

AI score 6.9 | EPSS 0.00805
Exploits 1 | References 1