Trend Micro Security Security Feature Issue Vulnerability
Trend Micro Security is a suite of computer security protection software from Trend Micro. A security feature issue vulnerability exists in Trend Micro Security that stems from an unspecified error in the Folder Shield feature. A local user can modify files within a Folder Shield-protected folder...
PHP Security Vulnerability
PHP is a scripting language that executes on the server side. PHP has a security vulnerability that allows an attacker to bypass PHP's access restrictions by using a null character in XML functions in order to read or change files...
CVE-2021-43413
An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access...
CVE-2021-37364
OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8.exe files located in bin folders and replace with a malicious file that would...
OpenClinic GA Security Vulnerability
OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management. A security vulnerability exists in OpenClinic GA, which stems from the fact that by default, the Authenticated Users group has permissio...
CVE-2021-38471
There are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files...
AUVESY Versiondog code issue vulnerability
AUVESY Versiondog is an automated production data and change management software solution from the German company AUVESY. AUVESY Versiondog is vulnerable to a code issue that could be exploited by attackers to modify existing files or create new ones...
PT-2021-5054 · Cisco · Cisco Access Points +1
Name of the Vulnerable Software and Affected Versions: Cisco Access Points (APs), affected versions not specified. Description: A vulnerability in the SSH management feature could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The issu...
Rockwellautomation Rslinx Improper Input Validation
FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior, Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 an...
Unspecified Vulnerability in Johnson Controls Metasys
Johnson Controls Metasys is a building automation system from the United States company Johnson Controls. A security vulnerability exists in Johnson Controls Metasys version 11.0 and prior versions that can be exploited by an attacker to send specially crafted web messag...
VulnCheck KEV: CVE-2021-22986
F5 BIG-IP and BIG-IQ Centralized Management contain a remote code execution vulnerability in the iControl REST interface that allows unauthenticated attackers with network access to execute system commands, create or delete files, and disable services...
CVE-2019-10225
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RBAC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and...
CVE-2020-35948
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xclonerrestore.php writefileaction could...
PT-2020-6818 · Samsung · Samsung Mobile Devices
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices, versions prior to SMR Mar-2021 Release 1. Description: The issue is related to improper access control in the clipboard service of Samsung mobile devices. This allows untrusted applications to read or write certain local...
CVE-2020-7119
A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user...
Siemens Automation License Manager Local Elevation of Privilege Vulnerability
Siemens Automation License Manager is a Siemens system for processing remote and local licenses for HMI, SCADA and industrial products. Siemens Automation License Manager has a local elevation of privilege vulnerability. The vulnerability is due to the application failing to properly validate a user's...
CVE-2020-8473
Insufficient folder permissions used by system functions in ABB System 800xA Base version 6.1 and earlier allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploits the vulnerabilities could escalate his/her...
Avira Operations Free Antivirus Code Injection Vulnerability
Avira Operations Free Antivirus is a suite of antivirus programs from Avira Operations. A security vulnerability exists in Avira Operations Free Antivirus versions prior to 15.0.2004.1825, which stems from a self-protection feature that does not prohibit write operations by external processes. Th...