70 matches found
CVE-2019-5326
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component...
WordPress InfiniteWP Client Authentication Bypass
This module exploits an authentication bypass in the WordPress InfiniteWP Client plugin to log in as an administrator and execute arbitrary PHP code by overwriting the file specified by PLUGINFILE. The module will attempt to retrieve the original PLUGINFILE contents and restore them after payload...
Microsoft Windows Device Management Enrollment Service Hard Link Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
CVE-2019-18575
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...
Microsoft Windows IP Helper Service Hard Link Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
Code injection
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
CVE-2010-2449
Gource through 0.26 logs to a predictable file name /tmp/gource-$UID.tmp, enabling attackers to overwrite an arbitrary file via a symlink attack...
UBUNTU-CVE-2019-16680
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction...
CVE-2018-5199
CVE-2018-5199 affects Veraport G3 ALL on macOS. The root cause is insufficient domain validation, enabling an attacker to overwrite an installation file with a malicious file and potentially execute arbitrary code. Exploitation details are not provided in the documents beyond the high-level descr...
Ubuntu: Security Advisory (USN-3439-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2018-11762
In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline --extract-dir= and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file...
UBUNTU-CVE-2018-11762
In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline --extract-dir= and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file...
Apache Derby Overwrite Arbitrary File Vulnerability
Apache Derby is the United States Apache Apache Software Foundation developed a set of open source database management system. A security vulnerability exists in the export process in Apache Derby. A remote attacker could exploit the vulnerability to overwrite an existing file...
Ubuntu 14.04 LTS : Ruby vulnerabilities (USN-3439-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3439-1 advisory. It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. CVE-2017-0898 Yusuke Endoh discover...
CVE-2017-13709
CVE-2017-13709 affects FlightGear prior to version 2017.3.1. The FGLogger subsystem’s Main/logger.cxx allows overwriting arbitrary files via a resource that can alter the contents of the global Property Tree, enabling an attacker with write access to cause data corruption or disclosure in affecte...
CVE-2017-13709
In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree...
Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)
Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...
IRIX 6.5.x inpview Race Condition Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1530/info Certain versions of IRIX ship with a version of inpview that creates files in '/var/tmp/' in an insecure manner and is therefore prone to a race condition. InPerson's 'inpview' is a networked multimedia...
Drummond Miles A1Stats 1.0 a1disp2.cgi Traversal Arbitrary File Read
No description provided by source. source: http://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as querystrings to the A1Stats script. An...