26 matches found
Oracle Linux 8 : python3 (ELSA-2023-7151)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7151 advisory. - Security fix for CVE-2023-40217 Resolves: RHEL-3041 - Fix symlink handling in the fix for CVE-2007-4559 Resolves: rhbz263261 - Security fix for CVE-2023-24329...
CVE-2020-28407
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall...
CVE-2022-44749
A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. This vulnerability is also known as 'Zip-Slip'. An attacker can create a KNIME workflow that, when being...
Knime Analytics Platform Path Traversal Vulnerability
Knime Analytics Platform is a free and open source data analytics, reporting and integration platform from Knime, Switzerland. A security vulnerability exists in Knime Analytics Platform, which stems from a directory traversal vulnerability in the ZIP archive extraction routines that could lead t...
GHSA-VRH7-99JH-3FMM Puppet arbitrary files overwrite via a symlink attack
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file...
Puppet arbitrary files overwrite via a symlink attack
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file...
Arbitrary Files Overwrite
lmbench is vulnerable to arbitrary files overwrite. The rccs and STUFF scripts allow local users to overwrite arbitrary files via a symlink attack on a /tmp/sdiff temporary file directory...
Arbitrary Files Overwrite
xcal is vulnerable to arbitrary files overwrite. The library allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal temporary file directory...
Arbitrary Files Overwrite
The Simple Protocol for Independent Computing Environments (SPICE) is vulnerable to Arbitrary Files Overwrite. It was found that the SPICE Firefox plug-in used a predictable name for its log file. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite...
CVE-2014-5254
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files...
CVE-2010-4817
pithos before 0.3.5 allows overwrite of arbitrary files via symlinks...
Xorg X11 Server (AIX) - Local Privilege Escalation
Xorg X11 Server (AIX) - Local Privilege Escalation. Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation; Date: 29/11/2018; Exploit Author: @0xdono; Original Discovery and Exploit: Narendra Shinde; Vendor Homepage: https://www.x.org/; Platform: AIX; Version: X Window System Version 7.1.1; Filese...
Debian DLA-921-1 : slurm-llnl security update
With this vulnerability arbitrary files can be overwritten on nodes running jobs provided that the user can run a job that is able to trigger a failure of a Prolog script. For Debian 7 'Wheezy', these problems have been fixed in version 2.3.4-2+deb7u1. We recommend that you upgrade your slurm-lln...
eXtplorer Directory Traversal Vulnerability
eXtplorer is a PHP-based online file management program that supports online browsing of files and folders as well as logging into FTP servers as an FTP client. A directory traversal vulnerability exists in the unzip/extract functionality of eXtplorer version 2.1.9, which stems from the program...
Ipswitch Instant Messaging 2.0.8.1 Multiple Security Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27677/info Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite...
Directory traversal
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369...
Directory traversal
Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to the nagios account...
Oracle Solaris 8/9/10 - 'flar' Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/41619/info Oracle Solaris is prone to an insecure temporary file creation vulnerability. A local attacker can exploit this issue to overwrite arbitrary files with the privileges of the affected process. This will likely result in denial-of-service...
CVE-2008-4908
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file...
CVE-2008-4192
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file...