7249 matches found
CVE-2016-10847
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath SEC-80...
Design/Logic Flaw
cPanel before 11.54.0.4 allows arbitrary file-read and file-write operations via scripts/fixmailboxpath SEC-80...
CVE-2018-20882
cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change SEC-447...
Default credentials
cPanel before 74.0.8 allows arbitrary file-write operations in the context of the root account during WHM Force Password Change SEC-447...
CVE-2018-20882
CVE-2018-20882 affects cPanel prior to 74.0.8, enabling arbitrary file-write under the root context during WHM Force Password Change (SEC-447). This is a local-attack vector impacting systems running affected cPanel versions. The vulnerability arises in the root context during the password-change...
USN-4085-1 Sigil vulnerability
Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem...
CVE-2019-10185
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break o...
icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
It was found that icedtea-web was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox...
Jenkins < 2.186 and < 2.176.2 LTS Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Jenkins < 2.186 and < 2.176.2 LTS Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-14413
cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...
Code injection
cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...
CVE-2019-14413
CVE-2019-14413 affects cPanel prior to 78.0.2, where an input validation/permissions issue allows certain file-write operations as a shared user during connection resets (SEC-476). Multiple sources (NVD, Red Hat, CNVD, CVE lists) confirm the vulnerability in the cPanel web-based pl...
Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...
Comodo Antivirus explosion multiple vulnerabilities-vulnerability warning-the black bar safety net
Comodo is a software company located in the United States, headquartered in Jersey City and established in 1998. It is a world-renowned IT security service provider and SSL certificate provider. Researchers at Comodo Antivirus / Comodo Antivirus Advanced and other products found in the...