gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

Important: Red Hat Security Advisory: xz security update

An update for xz is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

Emerson Dixell Arbitrary File Write (CVE-2021-45420)

An arbitrary file write vulnerability exists in Emerson Dixell. Successful exploitation of this vulnerability could result in denial of service and potentially code execution on the affected system...

xz security update

5.2.4-4 - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271...

RHEL 8 : xz (RHSA-2022:4994)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4994 advisory. XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv- Markov chain algorithm LZMA, which performs...

RHEL 8 : xz (RHSA-2022:4991)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4991 advisory. XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv- Markov chain algorithm LZMA, which performs...

Researchers Disclose Critical Flaws in Industrial Access Controllers from HID Mercury

As many as four zero-day security vulnerabilities have been disclosed in the HID Mercury access controller system that's used widely in healthcare, education, transportation, and government facilities. "The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and loc...

Amazon Linux AMI : gzip (ALAS-2022-1590)

The version of gzip installed on the remote host is prior to 1.5-9.20. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1590 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

Amazon Linux AMI : xz (ALAS-2022-1598)

The version of xz installed on the remote host is prior to 5.2.2-1.14. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1598 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

CVE-2021-40668

The Android application HTTP File Server Version 1.4.1 by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write...

Path traversal

The Android application HTTP File Server Version 1.4.1 by 'slowscript' is affected by a path traversal vulnerability that permits arbitrary directory listing, file read, and file write...

CVE-2021-40668

The CVE-2021-40668 entry concerns the Android application HTTP File Server (Version 1.4.1) by slowscript. Multiple connected sources confirm a path traversal vulnerability that permits arbitrary directory listing, file read, and file write. The NVD entry lists impact including partial confidentia...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the g GitArtifactReader.Read API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ... Details A...

Important: xz

Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

Important: gzip

Issue Overview: An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to...

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

Important: Red Hat Security Advisory: xz security update

An update for xz is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...