Design/Logic Flaw

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

Zoho ManageEngine Desktop Central Web Services Vulnerability

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control and other functional modules to support the entire lifecycle of desktop and server management. A security...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview org.codehaus.plexus:plexus-archiver is a Collection of Plexus components to create archives or extract files out of an archive to a directory with a unified Archiver/UnArchiver API whatever the archive format is. Affected versions of the package are vulnerable to Arbitrary File Write via...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview org.zeroturnaround:zt-zip is a library that helps to create, modify or extract ZIP archives. Affected versions of the package are vulnerable to Arbitrary File Write via Archive Extraction AKA "Zip Slip". It is exploited using a specially crafted zip archive, that holds path traversal...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview net.lingala.zip4j:zip4j is a open source java library to handle zip files. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. Successful exploitation of this vulnerability can result in remote command execution. Details It is exploit...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview sharpcompress is a compression library for .NET Standard 1.0 that can unrar, decompress 7zip, decompress xz, zip/unzip, tar/untar lzip/unlzip, bzip2/unbzip2 and gzip/ungzip with forward-only reading and file random access APIs. Affected versions of the package are vulnerable to Arbitrary...

Arbitrary File Write

diffoscope is vulnerable to arbitrary file write attacks. The vulnerability exists because it does not properly escape the filenames when extracting archive members...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview github.com/mholt/archiver/cmd/archiver makes it trivially easy to make and extract common archive formats such as .zip, and .tar.gz. Simply name the input and output files. Affected versions of the package are vulnerable to Arbitrary File Write via Archive Extraction AKA "Zip Slip". It i...

UBUNTU-CVE-2018-1079

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with...

DEBIAN-CVE-2018-1079

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with...

pcs: Privilege escalation via authorized user malicious REST call

It was found that the REST interface of the pcsd service did not properly sanitize the file name from the /remote/putfile query. If the /etc/booth directory exists, an authenticated attacker with write permissions could create or overwrite arbitrary files with arbitrary data outside of the...

SeaCMS system has an override access vulnerability

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A code execution vulnerability exists in the SeaCMS system. Because the program does not effectively filter the data written to the write...

Design/Logic Flaw

In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from. This is because FTP client code in HPL/SQL does not veri...

CVE-2018-1315

CVE-2018-1315 affects Apache Hive 2.1.0–2.3.2 when using the HPL/SQL extension and issuing COPY FROM FTP. The FTP client does not verify the destination path, allowing a compromised FTP server to cause the downloaded file to be written to an arbitrary location on the cluster where the command is ...

Arbitrary File Write

Amendment This was deemed not a vulnerability. Overview org.apache.hive:hive-common is a reading, writing, and managing large datasets residing in distributed storage using SQL. Affected versions of this package are vulnerable to Arbitrary File Write via the File Transfer Protocol FTP client...

Arbitrary File Write

Overview org.apache.hive:hive-hplsql is a data warehouse software facilitates reading, writing, and managing large datasets residing in distributed storage using SQL. Affected versions of this package are vulnerable to Arbitrary File Write via the File Transfer Protocol FTP client functionality...

Cisco IOS XE Software Input Validation Vulnerability

Cisco IOS XE Software is an operating system developed by Cisco for its network devices. An input validation vulnerability exists in the Web UI of Cisco IOS XE Software, which arises from the program's failure to adequately perform input validation on HTTP requests. A remote attacker could exploi...

Homematic CCU2 2.29.23 Arbitrary File Write

!/usr/bin/ruby Exploit Title: Homematic CCU2 Arbitrary File Write Date: 28-03-18 Exploit Author: Patrick Muench, Gregor Kopf Vendor Homepage: http://www.eq-3.de Software Link: http://www.eq-3.de/service/downloads.html?id=268 Version: 2.29.23 CVE : 2018-7300 Description:...

Homematic CCU2 2.29.23 - Arbitrary File Write

!/usr/bin/ruby Exploit Title: Homematic CCU2 Arbitrary File Write Date: 28-03-18 Exploit Author: Patrick Muench, Gregor Kopf Vendor Homepage: http://www.eq-3.de Software Link: http://www.eq-3.de/service/downloads.html?id=268 Version: 2.29.23 CVE : 2018-7300 Description:...

Homematic CCU2 2.29.23 - Arbitrary File Write

Homematic CCU2 2.29.23 - Arbitrary File Write !/usr/bin/ruby Exploit Title: Homematic CCU2 Arbitrary File Write Date: 28-03-18 Exploit Author: Patrick Muench, Gregor Kopf Vendor Homepage: http://www.eq-3.de Software Link: http://www.eq-3.de/service/downloads.html?id=268 Version: 2.29.23 CVE :...