The vulnerability of the WebGL component in the Chrome web browser allows a hacker to copy arbitrary files to the target directory.

The vulnerability of the WebGL component in the Chrome web browser is related to reading data beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to write arbitrary files to the target directory remotely...

CVE-2018-20794

tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file jpg/jpeg/png via path traversal with the path parameter, through the saveimg action in ajaxcalls.php...

tecrail Responsive FileManager path traversal vulnerability (CNVD-2019-12901)

tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail. The product supports the uploading and management of videos, images or other files. A path traversal vulnerability exists in the 'createfile' function of the execute.php file in version...

CVE-2017-13804

An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attackers to write to unintended pathnames via a crafte...

UBUNTU-CVE-2017-5037

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...

UBUNTU-CVE-2016-6255

Portable UPnP SDK aka libupnp before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler...

CVE-2016-6255

Removed by vendor...

DEBIAN-CVE-2016-7947

Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response...

Zizai Tech Nut Design Vulnerability

Zizai Tech Nut is a Nut smart finder and anti-loss patch product from China's Zizai Tech. Zizai Tech Nut allows unauthorized pairing of Bluetooth devices, which can be exploited by a remote attacker to submit a special request to write data to the device name attribute...

DEBIAN-CVE-2016-5418

The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file...

DEBIAN-CVE-2016-6232

Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ dot dot slash in a filename in an archive file, related to KNewsstuff downloads...

CVE-2016-4971

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource...

CVE-2016-4500

Moxa UC-7408 LX-Plus devices allow remote authenticated users to write to the firmware, and consequently render a device unusable, by leveraging root access...

Advantech WebAccess File Upload Vulnerability

Advantech WebAccess HMI/SCADA software provides remote control and management. An unrestricted file upload vulnerability exists in Advantech WebAccess versions prior to 8.1, which can be exploited by a remote attacker to write to any type of file...

CVE-2015-7919

SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service application crash, via unspecified vectors...

CVE-2015-7919

SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service application crash, via unspecified vectors...

Adobe Flash Player & Compiler Security Mechanism Bypass Vulnerability

Adobe Flash Player, Adobe AIR SDK, and Adobe AIR SDK & Compiler are products of Adobe, Incorporated.Adobe Flash Player is a multimedia player; Adobe AIR SDK and Adobe AIR SDK & Compiler are standard development kits for Adobe AIR a cross-OS runtime environment. Adobe Flash Player is a multimedia...

CVE-2015-4289

Cisco AnyConnect Secure Mobility Client 4.0(2049) is affected by a directory traversal vulnerability that allows an unauthenticated head-end to craft attributes and cause the client to write arbitrary files in the active user’s context. The issue stems from insufficient input validation during co...

ZOHO ManageEngine SupportCenter Plus Directory Traversal Vulnerability

ZOHO ManageEngine SupportCenter Plus is a customer service support management software from ZOHO USA. The software provides help desk, customer management, service level management and tracking of customer requests. A directory traversal vulnerability exists in ZOHO ManageEngine SupportCenter Plu...

UBUNTU-CVE-2015-2304

Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive...