Alibaba Cloud Linux 3 : 0072: nodejs:14 (ALINUX3-SA-2021:0072)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0072 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-22930: RESERVED This candidate ha...

CVE-2024-23929

CVE-2024-23929 affects Pioneer DMH-WT7600NEX telematics, enabling network-adjacent attackers to create arbitrary files by exploiting improper validation of a user-supplied path in file operations. The flaw exists even though authentication is initially required, as the authentication mechanism ca...

CVE-2023-1586

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use TOCTOU vulnerability in the restore process leading to arbitrary file creation. The issue was fixed with Avast and AVG Antivirus version 22.11...

CVE-2022-39909

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link...

CVE-2021-32842 Path Traversal in SharpZipLib

SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.0.0 and prior to version 1.3.3, a check was added if the destination file is under a destination directory. However, it is not enforced that baseDirectory ends with slash. If the baseDirectory is not slash terminated...

Motorola Timbuktu Pro 8.6.3.1367 - Directory Traversal

source: https://www.securityfocus.com/bid/25453/info Motorola Timbuktu Pro is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to delete or create arbitrary files with SYSTEM-level...

CVE-2001-0265

ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file...