Adobe ColdFusion Improper Access Control Vulnerability

Adobe ColdFusion is a commercial rapid application development platform. A security vulnerability exists in Adobe ColdFusion. An attacker could exploit the vulnerability to gain access to the system file structure...

Palo Alto Networks Elevation of Privilege Vulnerability

Palo Alto Networks Traps is a suite of endpoint security protection software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks Traps version 5.0 prior to 5.0.8 and version 6.1 prior to 6.1.4 Windows. An attacker could exploit the vulnerability to elevate privileg...

CVE-2020-1991

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect...

NVIDIA Windows GPU Display Driver (Feb 2020)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities. - A privilege escalation vulnerability exists in NVIDIA Control Panel component. An unauthenticated, local attacker can exploit this, via corrputing a system file, to gain priviledged access to the...

CVE-2019-16066

An unrestricted file upload vulnerability exists in user and system file upload functions in NETSAS Enigma NMS 65.0.0 and prior. This allows an attacker to upload malicious files and perform arbitrary code execution on the system...

The vulnerabilities of the microprogramming software used in Huawei USG6330 and USG9500 allow for the tampering with system files using specially crafted update files.

The vulnerability of the microprogrammed network interface card software in Huawei USG6330 and USG9500 lies in the lack of integrity checks. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of system files using specially crafted update files...

CVE-2020-5957

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

CVE-2020-5957

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

Design/Logic Flaw

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2019-1061)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-5702

NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

Input validation

NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges...

CVE-2019-18575

Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability. A locally authenticated malicious user could exploit this vulnerability by creating a symlink to a target file, allowing the attacker to overwrite or corrupt a specified file on the system...

PT-2019-6063 · Qnap · Qnap Photo Station

Name of the Vulnerable Software and Affected Versions: QNAP Photo Station affected versions not specified Description: The issue allows remote attackers to access or modify system files due to an external control of file name or path vulnerability. This vulnerability is related to incorrect...

Centos 7 : runc

An update for runc is now available for CentOS 7 Extras. The runC tool is a lightweight, portable implementation of the Open Container Format OCF that provides container runtime. A flaw was found in the way runc handled system file descriptors when running containers. A malicious container could...

SQL Injection Vulnerability in LJCMS us***.php File

LJCMS is a free and open source content management system. A SQL injection vulnerability exists in the LJCMS us.php file. An attacker can exploit the vulnerability to obtain sensitive database information...

Microsoft Silent Update Torpedoes Windows Defender

A broken Microsoft Windows Defender signature file that was causing system file checks to fail got a patch this week – but the patch caused an even bigger issue, making Defender user-triggered antivirus scans fail altogether. The issue was in place for about a day before Microsoft re-patched the...

Directory Traversal

public is vulnerable to symbolic link attack. The application does not verify files before serving its contents to requests. This allows an attacker with local access to the web root to create a symbolic link of a system file within the web root, resulting in the remote access of the affected fil...

Oracle Linux 8 : container-tools:rhel8 (ELSA-2019-0975)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0975 advisory. container-selinux 2:2.94-1.git1e99f1d - Resolves: 1690286 - bump to v2.94 - Resolves: 1693806, 1689255 2:2.89-1.git2521d0d - bump to v2.89 runc...

The vulnerability of the implementation of secure configuration checks for Cisco NX-OS and FX-OS operating systems allows a perpetrator to execute arbitrary code with root privileges.

The vulnerability of the implementation of secure configuration checks for Cisco NX-OS and FX-OS networking operating systems is related to the lack of proper checks on system files. Exploiting this vulnerability can allow an attacker to execute arbitrary code with root privileges...