
7213 matches found

CNVD
added 2017/02/28 12:0 a.m., 4 views

rubyzip gem Zip::File component directory traversal vulnerability

The rubyzip gem is a Ruby library for reading and writing zip files. A directory traversal vulnerability exists in the Zip::File component of the rubyzip gem. An attacker can exploit the vulnerability by uploading a malicious file to write an arbitrary file to the file system...

CVSS 9.8, AI score 7.1, EPSS 0.0347
Exploits: 0, References: 1

CVE
added 2017/02/27 7:25 a.m., 110 views

CVE-2017-5946

CVE-2017-5946 – Rubyzip directory traversal vulnerability : The Zip::File component of the rubyzip gem for Ruby (pre-1.2.1) allows a ZIP archive to write files outside the target directory when a ZIP upload contains paths with "..". This enables arbitrary file writes on the filesystem if a site p...

CVSS 9.8, AI score 9.2, EPSS 0.0347
Exploits: 0, References: 4, Affected Software: 1

Tenable Nessus
added 2017/02/27 12:0 a.m., 42 views

Debian DSA-3794-1 : munin - security update

Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...

CVSS 5.5, AI score 5.3, EPSS 0.00421
Exploits: 0, References: 4

FreeBSD
added 2017/02/27 12:0 a.m., 12 views

kdepimlibs -- directory traversal on KTNEF

Albert Aastals Cid reports: A directory traversal issue was found in KTNEF which can be exploited by tricking a user into opening a malicious winmail.dat file. The issue allows to write files with the permission of the user opening the winmail.dat file during extraction...

AI score 3.7
Exploits: 0, References: 1

Debian
added 2017/02/25 8:37 p.m., 15 views

[SECURITY] [DSA 3794-1] munin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3794-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2017 https://www.debian.org/security/faq -...

CVSS 1.9, AI score 1.8, EPSS 0.00421
Exploits: 0

Debian
added 2017/02/25 8:37 p.m., 12 views

[SECURITY] [DSA 3794-1] munin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3794-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2017 https://www.debian.org/security/faq -...

CVSS 5.5, AI score 5.1, EPSS 0.00421
Exploits: 0

OpenVAS
added 2017/02/24 12:0 a.m., 14 views

Debian: Security Advisory (DSA-3794-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5, AI score 5.5, EPSS 0.00421
Exploits: 0, References: 3

CNVD
added 2017/02/23 12:0 a.m., 2 views

Munin Local File Write Vulnerability

Munin is a set of network resource monitoring tools. The tool monitors core system resources including memory, disk, CPU usage, server applications and more. A local file write vulnerability exists in Munin versions prior to 2.999.6. An attacker can exploit the vulnerability by setting multiple...

CVSS 5.5, AI score 6.8, EPSS 0.00421
Exploits: 0, References: 1

Prion
added 2017/02/22 7:59 p.m., 12 views

Design/Logic Flaw

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

CVSS 1.9, AI score 5.2, EPSS 0.00421
Exploits: 0, References: 5, Affected Software: 2

NVD
added 2017/02/22 7:59 p.m., 10 views

CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

CVSS 5.5, AI score 5.3, EPSS 0.00421
Exploits: 0, References: 5

OSV
added 2017/02/22 7:59 p.m., 1 view

DEBIAN-CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

CVSS 5.5, AI score 6.8, EPSS 0.00421
Exploits: 0, References: 1

OSV
added 2017/02/22 7:59 p.m., 15 views

CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

CVSS 5.5, AI score 6.4
Exploits: 0, References: 5

Cvelist
added 2017/02/22 7:0 p.m., 15 views

CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

AI score 5.2, EPSS 0.00421
Exploits: 0, References: 5

CVE
added 2017/02/22 7:0 p.m., 141 views

CVE-2017-6188

CVE-2017-6188 affects Munin prior to a fixed version where CGI graphs enabled allow a local file overwrite by abusing multiple upper_limit GET parameters. The vulnerability enables overwriting any file accessible to the webserver user (www-data). Public disclosures and advisories in connected doc...

CVSS 5.5, AI score 5.2, EPSS 0.00421
Exploits: 0, References: 5, Affected Software: 1

AlpineLinux
added 2017/02/22 7:0 p.m., 35 views

CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

CVSS 5.5, AI score 5.4, EPSS 0.00421
Exploits: 0

Debian CVE
added 2017/02/22 7:0 p.m., 19 views

CVE-2017-6188

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...

CVSS 5.5, AI score 5.3, EPSS 0.00421
Exploits: 0

Prion
added 2017/02/22 4:59 p.m., 14 views

Design/Logic Flaw

The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...

CVSS 5, AI score 7, EPSS 0.0324
Exploits: 0, References: 10, Affected Software: 3

NVD
added 2017/02/22 4:59 p.m., 18 views

CVE-2016-9956

The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...

CVSS 7.5, AI score 7.3, EPSS 0.0324
Exploits: 0, References: 10

OSV
added 2017/02/22 4:59 p.m., 1 view

UBUNTU-CVE-2016-9956

The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...

CVSS 7.5, AI score 7.2, EPSS 0.0324
Exploits: 0, References: 5

OSV
added 2017/02/22 4:59 p.m., 1 view

DEBIAN-CVE-2016-9956

The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script...

CVSS 7.5, AI score 7.1, EPSS 0.0324
Exploits: 0, References: 1