HPE Intelligent Management Center Directory Traversal Vulnerability

HPE Intelligent Management Center iMC PLAT is a suite of network Intelligent Management Center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services, and users. imciccdm is one component. A security...

DEBIAN-CVE-2018-16597

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

CVE-2018-16597

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

Design/Logic Flaw

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

UBUNTU-CVE-2018-16597

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

CVE-2018-16597

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem...

Design/Logic Flaw

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node...

CVE-2018-1431

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node...

Privilege escalation

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated...

CVE-2018-8841

In Advantech WebAccess versions V8.220170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated...

Juniper JSNAPy Global Writable Default Profile Permissions Vulnerability

JSNAPy is Juniper developed Junos Snapshot Administrator open source python version. Juniper JSNAPy is vulnerable to a global writable default configuration file permissions vulnerability. An unprivileged local user could use this insecure file and directory permissions to change files in this...

PostgreSQL File Read Vulnerability

PostgreSQL is a free object-relational database management system developed by the PostgreSQL development group. The system supports most of the SQL standards and provides many other features, such as foreign keys, triggers, views, and so on. A security vulnerability exists in PostgreSQL. This...

CVE-2018-7308

A CSRF issue was found in var/www/html/files.php in DanWin hosting through 2018-02-11 that allows arbitrary remote users to add/delete/modify any files in any hosting account...

HP Support Assistant Elevation of Privilege Vulnerability

HP Support Assistant is a suite of solutions from Hewlett-Packard HP in the United States that provides support and other features for PCs and printers. An elevation of privilege vulnerability exists in HP Support Assistant. An attacker could use this vulnerability to elevate privileges and chang...

The vulnerability of the Sentinel License Manager, related to improper restriction of the path name to the catalog, allows a violator to delete or modify protected files.

The vulnerability of the Sentinel License Manager is related to an incorrect restriction on the path name to the “/int/” directory. Exploiting this vulnerability allows a malicious actor to delete or modify protected files using the “alpremove” and “checkinfile” parameters...

The vulnerability in the server component of the SAP POS software for accounting automation, trading, and production allows a perpetrator to read, modify, and delete files.

The vulnerability in the server component of the SAP Point of Sale software for accounting, sales, and production automation involves a lack of authentication procedures. Exploiting this vulnerability allows a malicious actor to read, modify, and delete files using port 2200...

QualitySoft QND Directory Traversal Vulnerability

QualitySoft QND is a suite of IT asset management solutions from QualitySoft Japan. The solution features external media control, device operation log viewing and URL filtering. A directory traversal vulnerability exists in QualitySoft QND Advance/Standard. An attacker can exploit this...

Red Hat RPM Elevation of Privilege Vulnerability

Red Hat RPM RPM Package Manager is a command-line driven package manager from Red Hat, Inc. that is used to install, uninstall, verify, query, and upgrade computer packages. A security vulnerability exists in Red Hat RPM versions prior to 4.13.0.2, which stems from a predictable temporary filenam...

CVE-2017-5081

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files...

CVE-2017-1000115

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...