Lucene search
K

2460 matches found

VMware
VMware
added 2013/12/20 12:0 a.m.80 views

VMSA-2013-0016:VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0016 VMware Security Advisory Synopsis: VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security...

4.4CVSS6.5AI score0.00353EPSS
Exploits0Affected Software2
OSV
OSV
added 2013/11/02 6:55 p.m.8 views

CVE-2013-4401

The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained fr...

8.7AI score
Exploits0References8
Packet Storm
Packet Storm
added 2013/10/15 12:0 a.m.25 views

XAMPP Local Write Access

Exploit Title: XAMPP All Version Local Write Access Vulnerability + Google Dork 1 : inurl:/xampp/lang.php + Google Dork 2 : inurl:/security/lang.php + Date: 15/10/2013 + Discovered By : Black.Hack3r + Exploit Author: IranianDarkCodersTeam + Vendor Homepage: http://www.apachefriends.org +...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/10/02 12:0 a.m.20 views

FreeBSD : FreeBSD -- Cross-mount links between nullfs(5) mounts (b72bad1c-20ed-11e3-be06-000c29ee3065)

Problem Description : The nullfs5 implementation of the VOPLINK9 VFS operation does not check whether the source and target of the link are both in the same nullfs instance. It is therefore possible to create a hardlink from a location in one nullfs instance to a file in another, as long as the...

3.7CVSS5.5AI score0.00294EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/10/01 12:0 a.m.113 views

XAMPP 1.8.1 Local Write Access Vulnerability

============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...

4.3CVSS0.5AI score0.0521EPSS
Exploits6
exploitpack
exploitpack
added 2013/09/30 12:0 a.m.36 views

XAMPP 1.8.1 - lang.php?WriteIntoLocalDisk method Local Write Access

XAMPP 1.8.1 - lang.php?WriteIntoLocalDisk method Local Write Access ============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel García Cárdenas - Severity: 6,8/10 CVSS Ba...

4.3CVSS6.5AI score0.0521EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/09/30 12:0 a.m.82 views

XAMPP 1.8.1 - 'lang.php?WriteIntoLocalDisk method' Local Write Access

============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel García Cárdenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...

4.3CVSS6.5AI score0.0521EPSS
Exploits6
0day.today
0day.today
added 2013/09/26 12:0 a.m.113 views

XAMPP 1.8.1 Local Write Access Vulnerability

XAMPP version 1.8.1 allows an unprivileged user the ability to write to the local disk. It has been detected than an unprivileged user can write in the local disk and the local file "lang.tmp" can be modified in the remote machine. The injection is done through the page "/xampp/lang.php"...

4.3CVSS6.7AI score0.0521EPSS
Exploits6
Packet Storm
Packet Storm
added 2013/09/26 12:0 a.m.63 views

XAMPP 1.8.1 Local Write Access

============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel García Cárdenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...

4.3CVSS0.0521EPSS
Exploits6
0day.today
0day.today
added 2013/09/03 12:0 a.m.53 views

Wiz 5.0.3 User Mode Write Access Violation Vulnerability

Wiz version 5.0.3 suffers from a user mode write access violation vulnerability. Title: User Mode Write Access Violation in Wiz 5.0.3 Severity: Medium History: 16.Apr.2013 Vulnerability reported Authors: Josep Pi Rodriguez, Pedro Guillen Nuñez, Miguel Angel de Castro Simon Organization:...

7.6AI score0.0125EPSS
Exploits2
Prion
Prion
added 2013/07/02 3:43 a.m.17 views

Design/Logic Flaw

The vmmaplookup function in sys/vm/vmmap.c in the mmap implementation in the kernel in FreeBSD 9.0 through 9.1-RELEASE-p4 does not properly determine whether a task should have write access to a memory location, which allows local users to bypass filesystem write permissions and consequently gain...

6.9CVSS6.6AI score0.06942EPSS
Exploits10References3Affected Software1
Mageia
Mageia
added 2013/07/01 7:17 p.m.48 views

Updated xen package fixes security issues

This update fixes the following security issues: XSA-52/CVE-2013-2076: Information leak on XSAVE/XRSTOR capable AMD CPUs XSA-53/CVE-2013-2077: Hypervisor crash due to missing exception recovery on XRSTOR XSA-54/CVE-2013-2078: Hypervisor crash due to missing exception recovery on XSETBV...

7.4CVSS1.3AI score0.01058EPSS
Exploits0References1
CVE
CVE
added 2013/06/18 6:45 p.m.51 views

CVE-2013-3927

CVE-2013-3927 affects Siemens COMOS: 9.2 versions prior to 9.2.0.6.10 and 10.0 versions prior to 10.0.3.0.4. The vulnerability stems from the client library, where authenticated local users with read access can leverage the library to gain unintended write access to the COMOS database, enabling m...

4.6CVSS6.3AI score0.00362EPSS
Exploits0References1Affected Software1
FreeBSD
FreeBSD
added 2013/06/18 12:0 a.m.32 views

FreeBSD -- Privilege escalation via mmap

Due to insufficient permission checks in the virtual memory system, a tracing process such as a debugger may be able to modify portions of the traced process's address space to which the traced process itself does not have write access...

6.9CVSS6.3AI score0.06942EPSS
Exploits10
ICS
ICS
added 2013/05/01 12:0 p.m.28 views

Invensys Wonderware HMI Reports XSS and Write Access Violation Vulnerabilities

Overview Independent security researchers Billy Rios and Terry McCorkle have identified cross-site scripting XSS and write access violation vulnerabilities in the Invensys Wonderware HMI reports product. ICS-CERT has coordinated these two vulnerabilities with Invensys, which has produced a new...

7.5AI score
Exploits0References18
Prion
Prion
added 2013/04/29 2:55 p.m.21 views

Null pointer dereference

The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by leveraging the CAPSYSADMIN capability for write access to the 1 setftracepid or 2 setgraphfunction file...

7.2CVSS7.3AI score0.00985EPSS
Exploits1References12Affected Software6
OpenVAS
OpenVAS
added 2013/04/19 12:0 a.m.29 views

Ubuntu Update for samba USN-1802-1

Check for the Version of samba OpenVAS Vulnerability Test $Id: gbubuntuUSN18021.nasl 8672 2018-02-05 16:39:18Z teissa $ Ubuntu Update for samba USN-1802-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

4CVSS7.5AI score0.02981EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/04/17 12:0 a.m.25 views

Ubuntu 12.04 LTS : samba vulnerability (USN-1802-1)

It was discovered that Samba incorrectly handled CIFS share attributes when SMB2 was used. A remote authenticated user could possibly gain write access to certain shares, bypassing the intended permissions. Note that Tenable Network Security has extracted the preceding description block directly...

4CVSS7.3AI score0.02981EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/04/15 12:0 a.m.200 views

CVE-2013-0798 : World read and write access to app_tmp directory on Android

Fourteenforty Research Institute, Inc. Security Advisory World read and write access to apptmp directory on Firefox for Android 2013/04/02 === Summary === World read and write access to apptmp directory on Firefox for Android allows replacing Firefox add-ons. === Severity === Middle === Affected...

4.3CVSS8.3AI score0.00994EPSS
Exploits0
CVE
CVE
added 2013/03/20 3:0 p.m.80 views

CVE-2013-1766

CVE-2013-1766 affects libvirt (libvirtd) prior to version in Debian squeeze; the daemon would change ownership of device files to the kvm group, enabling local users to write to those devices via unspecified vectors. Impact described as local access to files/devices with potential for partial int...

3.6CVSS6.2AI score0.00382EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder