1309 matches found

BDU FSTEC
added 2016/07/06 12:0 a.m., 7 views

The vulnerability of Cisco Nexus 1000V software allows a malicious individual to gain access to confidential information.

The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...

CVSS 10, AI score 8.1, EPSS 0.9994
Exploits 17, References 2

OSV
added 2016/04/15 2:59 p.m., 2 views

CVE-2016-0889

An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname...

CVSS 9.8, AI score 5.9, EPSS 0.03139
Exploits 0, References 2

CNVD
added 2015/11/01 12:0 a.m., 3 views

Techno Project Japan Enisys Gw Arbitrary Code Execution Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A security vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to write to arbitrary files and execute arbitrary code...

CVSS 6.5, AI score 7.5, EPSS 0.01959
Exploits 0, References 1

CNVD
added 2015/10/30 12:0 a.m., 3 views

Apple iOS Double Release Vulnerability

Apple iOS is an operating system for handheld devices developed by Apple Inc. A double release vulnerability exists in Apple iOS versions prior to 9.1, and OS X versions prior to 10.11.1. The vulnerability allows an attacker to perform arbitrary file write operations via a crafted application tha...

CVSS 8.8, AI score 8.8, EPSS 0.01758
Exploits 0, References 1

CNVD
added 2015/10/30 12:0 a.m., 2 views

Apple OS X Symbolic Link Attack Vulnerability

Apple OS X is the operating system used by the Apple family of machines. A symbolic link attack vulnerability exists in Apple OS X versions prior to 10.11.1. The vulnerability allows an attacker to perform an unspecified symbolic link attack via a crafted application to perform arbitrary write to...

CVSS 8.8, AI score 6.7, EPSS 0.01113
Exploits 0, References 1

RedHat Linux
added 2015/06/23 9:29 a.m., 3 views

docker: symlink traversal on container respawn allows local privilege escalation

Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...

CVSS 7.8, AI score 7.2, EPSS 0.00603
Exploits 0, References 4

CNVD
added 2015/05/26 12:0 a.m., 3 views

IBM Security SiteProtector System Directory Traversal Vulnerability

The IBM Security SiteProtector System is a centralized management system that unifies the management and analysis of network, server and endpoint security agents and devices. A directory traversal vulnerability exists in IBM Security SiteProtector System, which allows remote attackers to write to...

CVSS 5.5, AI score 7, EPSS 0.01362
Exploits 0, References 1

OSV
added 2015/03/25 2:36 p.m., 2 views

USN-2549-1 libarchive vulnerabilities

It was discovered that the libarchive bsdcpio utility extracted absolute paths by default without using the --insecure flag, contrary to expectations. If a user or automated system were tricked into extracting cpio archives containing absolute paths, a remote attacker may be able to write to...

CVSS 6.4, AI score 7, EPSS 0.0489
Exploits 1, References 3

CNVD
added 2015/02/05 12:0 a.m., 3 views

AVG Internet Security Elevation of Privilege Vulnerability

AVG Internet Security is an Internet security suite that includes antivirus, antispyware, antispam, link scanning and firewall. AVG Internet Security suffers from an elevation of privilege vulnerability, which can be exploited by a local attacker to write arbitrary files to enforce kernel-level...

CVSS 7.2, AI score 7.1, EPSS 0.01458
Exploits 5, References 1

OSV
added 2014/12/12 3:59 p.m., 3 views

DEBIAN-CVE-2014-6407

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation...

CVSS 7.5, AI score 7.9, EPSS 0.04909
Exploits 0, References 1

securityvulns
added 2014/10/14 12:0 a.m., 52 views

CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX

Vulnerability title: Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX CVE: CVE-2014-3074 Vendor: IBM Product: AIX Affected version: AIX 6.1 and 7.1 and VIOS 2.2. Reported by: Tim Brown Details: It has been identified that the runtime linker allows privilege escalati...

CVSS 7.2, AI score 1.4, EPSS 0.00576
Exploits 4

Tenable Nessus
added 2014/08/20 12:0 a.m., 37 views

AIX 7.1 TL 2 : malloc (IV62807)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

CVSS 7.2, AI score 5.5, EPSS 0.00576
Exploits 4, References 2

Tenable Nessus
added 2014/07/01 12:0 a.m., 25 views

AIX 6.1 TL 8 : malloc (IV61311)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AI score 0.4, EPSS 0.00576
Exploits 4, References 2

Tenable Nessus
added 2014/07/01 12:0 a.m., 18 views

AIX 7.1 TL 1 : malloc (IV61315)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AI score 0.4, EPSS 0.00576
Exploits 4, References 2

Tenable Nessus
added 2014/07/01 12:0 a.m., 35 views

AIX 6.1 TL 9 : malloc (IV60935)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AI score 0.4, EPSS 0.00576
Exploits 4, References 2

Tenable Nessus
added 2014/07/01 12:0 a.m., 22 views

AIX 6.1 TL 7 : malloc (IV61313)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AI score 0.4, EPSS 0.00576
Exploits 4, References 2

Tenable Nessus
added 2014/07/01 12:0 a.m., 45 views

AIX 7.1 TL 2 : malloc (IV61314)

It has been identified that the runtime linker allows privilege escalation via arbitrary file writes with elevated privileges programs. When MALLOCOPTIONS and MALLOCBUCKETS environment variables are set with bucket statistics options and by executing certain setuid programs, a non-privileged user...

AI score 0.4, EPSS 0.00576
Exploits 4, References 2

OSV
added 2014/04/30 2:22 p.m., 1 views

DEBIAN-CVE-2014-0471

Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...

CVSS 5, AI score 6.6, EPSS 0.02856
Exploits 0, References 1

Packet Storm
added 2013/09/12 12:0 a.m., 31 views

Personal Address Book 2.0 File Upload

TITLE: Unauthenticated Remote File Upload via HTTP for Personal Address Book 2.0 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/personal-address-book-helpful/id490328390?mt=8 http://www.tayutec.com/indexen.html Description: "Features: To creat...

AI score 7.4
Exploits 0

Packet Storm
added 2013/09/10 12:0 a.m., 28 views

Lua-Programming Language 1.6 File Upload

TITLE: Unauthenticated Remote File Upload via HTTP for lua-Programming language 1.6 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1 http://www.tayutec.com/indexen.html Description: "Please download...

AI score 7.4
Exploits 0