EUVD-2007-1298

Malware in sbrugna...

PT-2024-26039 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds write in appending paragraphs, which could allow local attackers to potentially execute arbitrary code with Samsung Notes privilege...

CVE-2024-36001

A vulnerability was found in the netfsperformwrite function in the Linux Kernel, where a race condition can lead to kernel panics or improper writeback handling. This issue occurs if certain synchronous flags OSYNC, RWFSYNC are used or the file is in write-through mode, and the write position is ...

CVE-2024-36001

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the pre-flush when appending to a file in writethrough mode In netfsperformwrite, when the file is marked NETFSICTXWRITETHROUGH or OSYNC or RWFSYNC was specified, write-through caching is performed on a buffered file...

Design/Logic Flaw

When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever...

Mozilla: Sandboxed iframes could have executed script if the parent appended elements

The Mozilla Foundation Security Advisory describes this flaw as: If a document created a sandboxed iframe without allow-scripts and subsequently appended an element to the iframe's document that, for example, had a JavaScript event handler - the event handler would have run despite the iframe's...

WordPress Use Any Font plugin <= 6.2 - Unauthenticated Arbitrary CSS Appending vulnerability

Unauthenticated Arbitrary CSS Appending vulnerability discovered by Krzysztof Zając in WordPress Use Any Font plugin versions = 6.2. Solution Update the WordPress Use Any Font plugin to the latest available version at least 6.2.1...

Weakpass - Rule-Based Online Generator To Create A Wordlist Based On A Set Of Words

The tool generates a wordlist based on a set of words entered by the user. For example, during penetration testing, you need to gain access to some service, device, account, or Wi-Fi network that is password protected. For example, let it be the Wi-Fi network of EvilCorp. Sometimes, a password is...

CVE-2019-17373

Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending with .jpg, such as by appending ?x=1.jpg to a URL. This affects MBR1515, MBR1516, DGN2200, DGN2200M, DGND3700, WNR2000v2, WNDR3300, WNDR3400, WNR3500, and WNR834Bv2...

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager

Summary There were multiple security vulnerabilities fixed in the IBM Security Privileged Identity Manager Product Vulnerability Details CVEID: CVE-2016-2996 DESCRIPTION: IBM Security Privileged Identity Manager Virtual Appliance could allow an authenticated user to append lines to any file on th...

GLSA-201511-01 : MirBSD Korn Shell: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201511-01 MirBSD Korn Shell: Arbitrary code execution Improper sanitation of environment import allows for appending of values to passed parameters. Impact : An attacker who already had access to the environment could so append...

wsdl_finder

This plugin finds new web service descriptions and other web service related files by appending "?WSDL" to all URLs and checking the response. Plugin type Crawl Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests,...

Samba 'etc/mtab' File Appending Local DoS Vulnerability

Samba is prone to a local denial of service DoS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...

Firefox race condition flaw (MFSA 2010-73)

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

Firefox race condition flaw (MFSA 2010-73)

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

VulnCheck KEV: CVE-2010-3765

Mozilla Firefox, SeaMonkey, and Thunderbird contain an unspecified vulnerability when JavaScript is enabled. This allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation...

Code injection

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to 1 rmsock and 2 rmsock64 not creating "secure log files."...

CVE-2008-5150

sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink attack on a /tmp/maildirsync-..log temporary file...

PT-2008-4373 · Postfix +1 · Postfix +1

Name of the Vulnerable Software and Affected Versions: Postfix versions prior to 2.3.15 Postfix versions 2.4 prior to 2.4.8 Postfix versions 2.5 prior to 2.5.4 Postfix versions 2.6 prior to 2.6-20080814 Description: The issue allows local users to append e-mail messages to a file to which a...

CVE-2006-3123

Multiple integer overflows in the 1 dodecrypt and 2 doencrypt functions in cfsfh.c in cfsd in Matt Blaze Cryptographic File System CFS 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service daemon crash by appending data to a file that is larger than 2 Gb...