Lucene search
+L

194 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.5 views

SUSE CVE-2016-10173

Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. dot dot in a TAR archive entry...

7.5CVSS7.1AI score0.04742EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2022/10/24 12:0 a.m.290 views

Email-Worm.Win32.Kipis.c MVID-2022-0652 File Write / Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8d0df60c96e4011c312d61ed3e6dc70e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Kipis.c Vulnerability: Remote File Write Code Execution Description: The...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2022/08/24 8:2 p.m.6 views

rsync: remote arbitrary files write inside the directories of connecting peers

A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories. This flaw allows a malicious server, or in some cases, another attacker wh...

7.4CVSS7.4AI score0.01672EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2022/07/28 1:15 a.m.5 views

CVE-2022-36990

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from...

9.6CVSS5.9AI score0.0058EPSS
Exploits0References2
OSV
OSV
added 2022/07/28 1:15 a.m.4 views

CVE-2022-36990

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from...

6.5CVSS5.9AI score0.0058EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/07/28 12:0 a.m.14 views

Veritas NetBackup 安全漏洞

Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports ransomware detection and backup protection of environmental data such as metadata and virtual environments. A security vulnerabilit...

9.6CVSS6.7AI score0.0058EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/28 12:0 a.m.5 views

PT-2022-23735 · Veritas · Veritas Netbackup

Name of the Vulnerable Software and Affected Versions: Veritas NetBackup versions 8.1.x through 8.1.2 Veritas NetBackup version 8.2 Veritas NetBackup versions 8.3.x through 8.3.0.2 Veritas NetBackup versions 9.x through 9.0.0.1 Veritas NetBackup versions 9.1.x through 9.1.0.1 Description: An issu...

9.6CVSS6.4AI score0.0058EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/05/03 7:11 a.m.10 views

gzip: arbitrary-file-write vulnerability

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...

8.8CVSS7.2AI score0.04271EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2022/03/04 12:0 a.m.280 views

Backdoor.Win32.Augudor.a Remote File Write / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/bf1b1a2f4be78d6b62ed7c316c77a9a1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Augudor.a Vulnerability: Unauthenticated Remote File Write - RCE Description: Augudor...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/02/01 12:0 a.m.7 views

The vulnerability in the web interface of the software system for monitoring and managing Cisco Prime Infrastructure network equipment, as well as the Cisco Evolved Programmable Network Manager software for managing network services, allows a perpetrator to write arbitrary files.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager software relates to deficiencies in path name checking for access-limited directories. Exploiting this vulnerability could allow a malicious actor to...

6.5CVSS5.5AI score0.01649EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/01/28 12:0 a.m.8 views

The vulnerability of the Adobe Connect instant messaging program, related to the,。

The vulnerability of the Adobe Connect instant messaging program relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to remotely write arbitrary files to the device’s file system...

4.3CVSS7.1AI score
Exploits0References3Affected Software1
OSV
OSV
added 2021/11/12 2:15 a.m.5 views

CVE-2021-42775

Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if not installed in Strictly Local Management mode, have a vulnerability in the remote firmware download feature that could allow a user to place or replace an arbitrary file on the remote host. In...

9.1CVSS5.9AI score0.00958EPSS
Exploits0References2
OSV
OSV
added 2021/09/09 7:15 p.m.5 views

CVE-2021-25450

Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket...

6.5CVSS6.7AI score0.00165EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/08/18 9:13 a.m.14 views

apache-flink: directory traversal attack allows remote file writing through the REST API

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

7.5CVSS5.9AI score0.50038EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2021/08/12 12:0 a.m.335 views

CVE-2021-36942

Windows LSA Spoofing Vulnerability Recent assessments: jbaines-r7 at January 25, 2022 4:35pm UTC reported: Recently, I was attempting to combine James Forshaw’s remote EFSRPC file write “bug” with a local privilege escalation that I’d discovered. I was getting strange results. Working on one...

9.8CVSS8.2AI score0.66023EPSS
In wildExploits4References3
RedHat Linux
RedHat Linux
added 2021/08/11 6:21 p.m.6 views

apache-flink: directory traversal attack allows remote file writing through the REST API

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

7.5CVSS5.9AI score0.50038EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2021/08/06 12:0 a.m.587 views

Backdoor.Win32.Zaratustra Remote File Write / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f240c16af2189ea9c94f317281ce7e59.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Zaratustra Vulnerability: Unauthenticated Remote File Write Remote Code Exec...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/05/20 12:0 a.m.7 views

Vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are caused by privilege management errors, allowing attackers to write arbitrary files to the device’s file system.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are due to privilege management errors. Exploiting these vulnerabilities can allow an attacker to remotely write arbitrary files...

10CVSS7.9AI score0.03458EPSS
Exploits0References3
OSV
OSV
added 2021/03/15 8:11 p.m.16 views

USN-4769-1 salt vulnerabilities

It was discovered that Salt allowed remote attackers to write to arbitrary files via a special crafted file. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2014-3563 Andreas Stieger discovered that Salt...

9.8CVSS7.1AI score0.05199EPSS
Exploits0References9
Rapid7 Blog
Rapid7 Blog
added 2021/02/11 9:18 p.m.108 views

CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)

Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function." This vulnerability CVE-2021-22652 has a CVSSv3 score of 9.8, which is usually CRITICAL, since it effectively allows anyone who can connect to the iView server to run...

7.5CVSS0.1AI score0.36845EPSS
Exploits4
Rows per page
Query Builder