Lucene search
+L

5499 matches found

Veracode
Veracode
added 2019/01/15 9:4 a.m.25 views

Arbitrary File Write

elfutils is vulnerable to arbitrary file write attacks. The vulnerability exists as a directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a craft...

6.4CVSS6.2AI score0.05018EPSS
Exploits0References14Affected Software1
Veracode
Veracode
added 2019/01/15 9:0 a.m.33 views

Arbitrary File Write With Null Byte In File Name

The DiskFileItem class in Apache Commons FileUpload allows remote attackers to write to arbitrary files via a NULL byte in a file name when it is deserialized. This vulnerability first requires the application using this library to be deserializing untrusted data...

7.5CVSS8.2AI score0.12768EPSS
Exploits0References21Affected Software9
Veracode
Veracode
added 2019/01/15 8:58 a.m.40 views

Arbitrary File Write

jbossweb is vulnerable to arbitrary file write attacks. The vulnerability exists as the readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to...

7.5CVSS8.3AI score0.12768EPSS
Exploits0References7Affected Software1
Veracode
Veracode
added 2019/01/15 8:57 a.m.21 views

Arbitrary File Write

sssd is vulnerable to arbitrary file write attacks. The vulnerability exists as System Security Services Daemon SSSD before 1.9.4, when 1 creating, 2 copying, or 3 removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another...

3.7CVSS5.9AI score0.00366EPSS
Exploits0References140Affected Software1
RedhatCVE
RedhatCVE
added 2019/01/14 2:19 a.m.27 views

CVE-2018-1000406

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

6.5CVSS3.9AI score0.04021EPSS
Exploits0References2
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.12168 views

OpenSSH SCP Client - Write Arbitrary Files

OpenSSH SCP Client - Write Arbitrary Files ''' Title: SSHtranger Things Author: Mark E. Haase Homepage: https://www.hyperiongray.com Date: 2019-01-17 CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS,...

5.8CVSS0.5AI score0.58204EPSS
Exploits10
NVD
NVD
added 2019/01/09 11:29 p.m.18 views

CVE-2018-1000406

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

6.5CVSS6.4AI score0.04021EPSS
Exploits0References2
Prion
Prion
added 2019/01/09 11:29 p.m.18 views

Path traversal

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

4CVSS6.3AI score0.04021EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/01/09 11:0 p.m.25 views

CVE-2018-1000406

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

6.8AI score0.04021EPSS
Exploits0References2
EUVD
EUVD
added 2019/01/09 11:0 p.m.8 views

EUVD-2022-2226

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

6.5CVSS6.5AI score0.04021EPSS
Exploits0References6
CVE
CVE
added 2019/01/09 11:0 p.m.98 views

CVE-2018-1000406

CVE-2018-1000406 documents a path traversal vulnerability in Jenkins 2.145 and earlier (including LTS 2.138.1 and earlier) in file handling code located at core/src/main/java/hudson/model/FileParameterValue.java. An attacker with Job/Configure permission can define a file parameter whose name esc...

6.5CVSS6.4AI score0.04021EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/01/03 1:29 a.m.17 views

CVE-2019-3580

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...

7.5CVSS7.5AI score0.01853EPSS
Exploits1References1
Prion
Prion
added 2019/01/03 1:29 a.m.14 views

Directory traversal

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...

5CVSS7.5AI score0.01853EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/01/03 1:29 a.m.12 views

CVE-2019-3580

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...

7.5CVSS6.9AI score
Exploits0References1
CVE
CVE
added 2019/01/03 1:0 a.m.46 views

CVE-2019-3580

OpenRefine (up to version 3.1) is affected by CVE-2019-3580: during import of a crafted project file, a directory traversal flaw allows arbitrary file write. The description consistently states this vulnerability exists in OpenRefine 3.1 and earlier, caused by directory traversal in the import pr...

7.5CVSS7.5AI score0.01853EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/01/03 1:0 a.m.20 views

CVE-2019-3580

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...

7.5AI score0.01853EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/03 12:0 a.m.3 views

OpenRefine Arbitrary File Write Vulnerability

OpenRefine is a Java-based open source tool that is used to load data, analyze it, clean it, and more. A directory traversal vulnerability exists in OpenRefine 3.1 and earlier versions. An attacker can exploit this vulnerability by importing a specially crafted project file to write arbitrary fil...

7.5CVSS6.9AI score0.01853EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.21 views

Fedora 28 : plexus-archiver (2018-7a9a2f6ec0)

Security fix: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file CVE-2018-1002200 A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attack...

5.5CVSS6.6AI score0.13179EPSS
Exploits1References3
EUVD
EUVD
added 2018/12/14 2:0 p.m.2 views

EUVD-2018-8665

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces both '' and '' characters. Specifically, it is only vulnerable in GOPATH mode, but not in module mode th...

8.1CVSS7.6AI score0.05039EPSS
Exploits0References16
CNVD
CNVD
added 2018/12/14 12:0 a.m.6 views

DoorGets Directory Traversal Vulnerability

doorGets is a content management system CMS. The system supports multiple languages, and system backups and theme changes, etc. A security vulnerability exists in doorGets version 7.0. A remote attacker can exploit the vulnerability to write arbitrary files...

7.5CVSS7.1AI score0.02655EPSS
Exploits1References1
Rows per page
Query Builder