
34 matches found

CNVD
added 2020/08/12 12:0 a.m. · 2 views

Mozilla Firefox Input Validation Error Vulnerability (CNVD-2020-46333)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 28 for iOS-based platforms. An attacker can exploit the vulnerability to modify file extensions...

4.3 CVSS · 6.6 AI score · 0.00582 EPSS
Exploits 0 · References 1

Cvelist
added 2020/06/09 4:13 p.m. · 24 views

CVE-2020-9820

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5. A remote attacker may be able to modify the file system...

6.9 AI score · 0.00988 EPSS
Exploits 0 · References 1

Prion
added 2020/04/09 8:15 p.m. · 20 views

Code injection

An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to turn off this feature. After that, one can construct an event that will modify a file at a specific...

7.5 CVSS · 9.5 AI score · 0.01997 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2019/02/17 6:0 p.m. · 22 views

CVE-2019-8408

OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice...

5.2 AI score · 0.0123 EPSS
Exploits 1 · References 1

BDU FSTEC
added 2019/02/15 12:0 a.m. · 3 views

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows attackers to alter file access rights or cause service interruptions.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow an attacker to modify file access rights or cause service interruptions...

6.8 CVSS · 6.5 AI score · 0.02817 EPSS
Exploits 0 · References 3 · Affected Software 1

Mageia
added 2019/01/11 9:7 p.m. · 41 views

GNU tar has been updated to fix CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system back...

4.7 CVSS · 3.6 AI score · 0.00526 EPSS
Exploits 1 · References 2

Positive Technologies
added 2018/10/16 12:0 a.m. · 2 views

PT-2018-2401 · Oracle +1 · Mysql Server

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.12 and prior Description: The issue is related to insufficient access control in the Server: DDL component of Oracle MySQL, allowing a remote attacker to modify file permissions or cause a denial of service. Successf...

6.8 CVSS · 5.8 AI score · 0.01792 EPSS
Exploits 0 · References 9

OSV
added 2016/03/29 3:59 p.m. · 1 views

CVE-2016-2288

Cogent DataHub before 7.3.10 allows local users to gain privileges by leveraging the user or guest role to modify a file...

7.8 CVSS · 5.8 AI score · 0.01331 EPSS
Exploits 4 · References 2

Gentoo Linux
added 2011/10/22 12:0 a.m. · 35 views

X.Org X Server: Multiple vulnerabilities

Background: The X Window System is a graphical windowing system based on a client/server model. Description: vladz reported the following vulnerabilities in the X.Org X server: The X.Org X server follows symbolic links when trying to access the lock file for an X display, showing a predictable...

1.9 CVSS · 6.5 AI score · 0.00605 EPSS
Exploits 5

UbuntuCve
added 2010/11/09 9:0 p.m. · 40 views

CVE-2010-3867

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK...

7.1 CVSS · 5.9 AI score · 0.07502 EPSS
Exploits 3 · References 1

Prion
added 2009/07/10 9:0 p.m. · 22 views

Cross site scripting

wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensitive information or modify this file, as...

4.9 CVSS · 6.3 AI score · 0.06259 EPSS
Exploits 8 · References 14 · Affected Software 2

Prion
added 2009/04/27 10:30 p.m. · 17 views

Code injection

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script...

5 CVSS · 6.9 AI score · 0.01205 EPSS
Exploits 0 · References 3 · Affected Software 1

Packet Storm
added 2008/12/15 12:0 a.m. · 17 views

AutositePHP 2.0.3 LFI/XSRF/File Editing

AutositePHP v2.0.3 LFI/CSRF/Edit File Multiple Remote Vulnerabilities + Discovered By SirGod + Greetz : All my friends + Download Script : http://sourceforge.net/projects/autositephp/ + Local File Inclusion PoC 1 : http://target/path/index.php?page=users/Local File Example 1 :...

Exploits 0

Exploit DB
added 1995/03/02 12:0 a.m. · 23 views

IRIX 5.2/6.0 - Permissions File Manipulation

source: https://www.securityfocus.com/bid/1751/info The IRIX /usr/lib/desktop/permissions tool is a suid and sgid root application normally used by users to modify permissions of their files and files they are privileged for. A vulnerability in the permissions tool allows local malicious users...

7 AI score
Exploits 0