194 matches found
CVE-2016-0889
An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname...
flash-plugin: multiple code execution issues fixed in APSB15-28
Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and writ...
Android Droidware UK Explorer+ File Manager Application Directory Traversal Vulnerability
Droidware UK Explorer+ File Manager application for Android is a file manager based on the Android platform. A directory traversal vulnerability exists in the Android Droidware UK Explorer+ File Manager application prior to version 2.3.3. A remote attacker can exploit this vulnerability to write...
Lexmark Markvision Enterprise LibraryFileUploadServlet servlet directory traversal vulnerability
Lexmark Markvision Enterprise is the United States Lexmark Lexmark a set of Web-based network device management software. The software is mainly used to manage network devices such as printers, such as providing some printer drivers for Unix systems. A directory traversal vulnerability exists in...
CVE-2014-9512
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...
CVE-2014-9512
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...
CVE-2014-9512
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...
CVE-2014-9512
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path...
CVE-2015-1194
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an archive...
CVE-2015-1038
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive...
CVE-2015-1038
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive...
CVE-2015-1191
Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a 1 full pathname or 2 .. dot dot in an archive...
CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2011-5294
The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in LTCML14n.dll 14.0.0.34 in Kofax e-Transactions Sender Sendbox 2.5.0.933 allows remote attackers to write to arbitrary files via a pathname in the first argument...
CVE-2011-5291
The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument...
CVE-2011-5291
The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument...
PT-2014-4562 · Telerik · Telerik Ui For Asp.Net Ajax
Name of the Vulnerable Software and Affected Versions: Telerik UI for ASP.NET AJAX versions prior to Q3 2012 SP2 Description: The issue allows remote attackers to write to arbitrary files and consequently execute arbitrary code via a full pathname in the UploadID metadata value in the...
UBUNTU-CVE-2014-7169
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...
UBUNTU-CVE-2014-0471
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."...
DEBIAN-CVE-2013-4510
Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report...