UBUNTU-CVE-2016-4072

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the pharanalyzepath function in ext/phar/phar.c...

NTP ntpq Component Elevation of Privilege Vulnerability

NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. An elevation of privilege vulnerability exists in the ntpq component of NTP version 4.2.8p5, which can be exploited by a remote attacker to affect integrity by manipulating the...

Directory traversal

Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the fileName parameter...

CVE-2016-3972

Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the fileName parameter...

CVE-2016-1340

Heap-based buffer overflow in Cisco Unified Computing System UCS Platform Emulator 2.52TS4, 3.02cA, and 3.02cTS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837...

CVE-2016-1340

Heap-based buffer overflow in Cisco Unified Computing System UCS Platform Emulator 2.52TS4, 3.02cA, and 3.02cTS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837...

CVE-2016-1340

Heap-based buffer overflow in Cisco Unified Computing System UCS Platform Emulator 2.52TS4, 3.02cA, and 3.02cTS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837...

Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability

A vulnerability in Cisco Unified Computing System UCS Platform Emulator could allow an authenticated, local attacker to trigger a heap-based buffer overflow on a targeted system. The vulnerability occurs because the affected system improperly handles libclimeta.so filename arguments. An attacker...

DEBIAN-CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long filename, involving handling a "config" command...

UBUNTU-CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long filename, involving handling a "config" command...

CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long filename, involving handling a "config" command...

CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long filename, involving handling a "config" command...

Ubiquiti Inc.: UniFi Video Server - Arbitrary file upload as SYSTEM

In UniFi Video Server prior to 3.3.0, due to lack of filename verification, it was possible to upload files to arbitrary locations using a especially crafted HTTP request. The exploit require valid credentials and is only exploitable in the Windows version...

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

Heap overflow

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a 1 long filename or 2 many nested trees, leading to a heap-based buffer overflow...

CVE-2016-3976

Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ dot dot backslash in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971. Recent assessments: Assessed Attacker Value: 0 Assessed...

PHP 5.5.33 - Invalid Memory Write

Exploit for php platform in category dos / poc Exploit Title: Invalid memory write in phar on filename with \0 in name Date: 2016-03-19 Exploit Author: @vah13 Vendor Homepage: https://secure.php.net/ Software Link: https://github.com/php/php-src Version: 5.5.33 Tested on: Linux Test script:...

BigTree 4.2.8 Object Injection / Improper Filename Sanitization

Security Advisory - Curesec Research Team 1. Introduction Affected Product: BigTree 4.2.8 Fixed in: BigTree 4.2.9 Fixed Version Link: https://www.bigtreecms.org/download/ Vendor Website: https://www.bigtreecms.org/ Vulnerability Type: Object Injection & Improper Filename Sanitation Remote...