24 matches found
CVE-2026-48693
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...
WordPress plugin Ekoterra 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin MyHome Core has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2022-0626
Malicious code in bioql PyPI...
CVE-2013-0967
CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site...
CVE-2022-25297
This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names during upload using HttpFile::save method may enable attackers to write files to arbitrary locations outside the designated target folder...
CVE-2022-25299
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write files to arbitrary locations outside the designated target folder...
CVE-2020-1122
An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially...
CVE-2016-8656
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation...
CVE-2016-8656
Technical details about CVE-2016-8656 are not provided in the connected documents. Public information in the Initial Description is limited to vulnerability wording. Monitor for updates from vendors and security advisories.
CVE-2016-8656
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation...
CVE-2017-12189
It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656...
Privilege escalation
It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation. This issue is a result of an incomplete fix for CVE-2016-8656...
jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
tomcat: unsafe chown of catalina.log in tomcat init script allows privilege escalation
It was reported that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation
It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...
MySQL / MariaDB / PerconaDB elevation of privilege vulnerability, CVE-2016-6664)
I. VULNERABILITY ------------------------- MySQL / MariaDB / PerconaDB - Root Privilege Escalation MySQL = 5.5.51 = 5.6.32 = 5.7.14 MariaDB All current Percona Server 5.5.51-38.2 5.6.32-78-1 5.7.14-8 Percona XtraDB Cluster 5.6.32-25.17 5.7.14-26.17 5.5.41-37.0 II. BACKGROUND...
Debian DSA-3670-1 : tomcat8 - security update
Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...