CVE-2017-9097

In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a...

CVE-2017-9097

CVE-2017-9097 (Anti-Web LFI) is an LFI vulnerability affecting Anti-Web versions up to 3.8.7 on NetBiter FGW200 (up to 3.21.2), WS100 (up to 3.30.5), EC150 (up to 1.40.0), WS200 (up to 3.30.4), EC250 (up to 1.40.0), and related products. The issue allows a remote attacker to read or modify files ...

Arbitrary File Write Vulnerability in Wolf CMS 0.8.3.1 Backend

Wolf CMS is a lightweight CMS program written in PHP. The latest version of Wolf CMS, version 0.8.3.1, has an arbitrary file write vulnerability in the backend, which can be exploited to create files with arbitrary suffixes and write arbitrary content. An attacker can use this vulnerability to...

CVE-2017-8108

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file...

Arbitrary File Write

thrushs is vulnerable to arbitrary file writes. Attackers are able to use thrushs to create files on a server...

PT-2017-8338 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: Pulp versions prior to 2.8.3 Description: The issue allows local users to leak keys or write to arbitrary files via a symlink attack, specifically targeting the pulp-gen-nodes-certificate script in Pulp. Recommendations: For versions prior to...

Improper access control

IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926...

CVE-2016-6089

IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926...

CVE-2015-8326

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...

UBUNTU-CVE-2015-8326

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...

CVE-2015-8326

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...

CVE-2015-8326

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...

IBM WebSphere MQ Local Security Bypass Vulnerability

IBM WebSphere MQ is a messaging middleware product from IBM, USA. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A local security bypass vulnerability exists in IBM WebSphere MQ versions 9.0.0.0 and 9.0.1 that stems from incorrect...

Parallels Desktop - Virtual Machine Escape

Parallels Desktop - Virtual Machine Escape + Title: Parallels Desktop - Virtual Machine Escape + Product: Parallels + Vendor: http://www.parallels.com/products/desktop/ + Affected Versions: All Version Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp...

openSUSE Security Update : libupnp (openSUSE-2017-650)

This update to libupnp 1.6.21 fixes the following security issues : - various string handling issues bsc898167 - CVE-2016-8863: out-of-bounds access bsc1006256 - CVE-2016-6255: fix for file write via POST bsc989948 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

CVE-2014-9983

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive...

DEBIAN-CVE-2014-9983

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive...

File Write Vulnerability in tpshop2.0 Backend

TPshop open source mall system Thinkphp shop for short , is a set of Shenzhen Soleil Networks Ltd. developed a set of multi- merchant model of the mall system . tpshop2.0 background file write vulnerability allows attackers to exploit the vulnerability to write arbitrary files...

SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2017:1446-1)

This update for sudo fixes the following issues: CVE-2017-1000367 : - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...

SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2017:1450-1)

This update for sudo fixes the following issues: CVE-2017-1000367 : - Due to incorrect assumptions in /proc/pid/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. bsc1039361 - Fix FQDN for...