Lucene search
+L

79 matches found

RedHat Linux
RedHat Linux
added 2019/08/08 5:9 p.m.5 views

libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning

It was found that libreoffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system...

9.8CVSS6AI score0.67321EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.37 views

openSUSE Security Update : go1.11 (openSUSE-2019-1018)

This new package for go1.11 fixes the following issues: Security issues fixed : - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag bsc1118897 - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution bsc1118898 -...

8.1CVSS7.8AI score0.66252EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2018/12/20 12:0 a.m.38 views

openSUSE: Security Advisory for go1.11 (openSUSE-SU-2018:4181-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8AI score0.66252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/12/20 12:0 a.m.37 views

openSUSE Security Update : go1.11 (openSUSE-2018-1572)

This new package for go1.11 fixes the following issues: Security issues fixed : - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag bsc1118897 - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution bsc1118898 -...

8.1CVSS7.8AI score0.66252EPSS
Exploits0References10
OPENSUSE Linux
OPENSUSE Linux
added 2018/12/19 12:9 p.m.114 views

Security update for go1.11 (important)

This new package for go1.11 fixes the following issues: Security issues fixed: - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag bsc1118897 - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution bsc1118898 -...

1.4AI score0.66252EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2018/11/29 10:10 a.m.3 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

5.5CVSS7.2AI score0.02876EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/29 9:56 a.m.9 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

5.5CVSS7.2AI score0.02876EPSS
Exploits0References5
ArchLinux
ArchLinux
added 2018/07/21 12:0 a.m.41 views

[ASA-201807-14] jenkins: multiple issues

Arch Linux Security Advisory ASA-201807-14 ========================================== Severity: High Date : 2018-07-21 CVE-ID : CVE-2018-1999001 CVE-2018-1999002 CVE-2018-1999003 CVE-2018-1999004 CVE-2018-1999005 CVE-2018-1999006 CVE-2018-1999007 Package : jenkins Type : multiple issues Remote :...

8.8CVSS0.86641EPSS
Exploits8References9
0day.today
0day.today
added 2018/02/10 12:0 a.m.60 views

NetEx HyperIP 6.1.0 Local File Inclusion Vulnerability

NetEx HyperIP version 6.1.0 suffers from a local file inclusion vulnerability. Title: NetEx HyperIP Local File Inclusion Vulnerability Advisory ID: KL-001-2018-005 Publication Date: 2018.02.08 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-005.txt 1. Vulnerability...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/02/09 12:0 a.m.43 views

NetEx HyperIP 6.1.0 Local File Inclusion

KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability Title: NetEx HyperIP Local File Inclusion Vulnerability Advisory ID: KL-001-2018-005 Publication Date: 2018.02.08 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-005.txt 1. Vulnerability Details Affecte...

6.6AI score
Exploits0
KoreLogic Security
KoreLogic Security
added 2018/02/08 12:0 a.m.23 views

NetEx HyperIP Local File Inclusion Vulnerability

Vulnerability Details Affected Vendor: NetEx Affected Product: HyperIP Affected Version: 6.1.0 Platform: Embedded Linux CWE Classification: CWE-73: External Control of File Name or Path, CWE-592: Authentication Bypass Issues Impact: Arbitrary Filesystem Reads Attack vector: HTTPS 2...

Exploits0Affected Software1
ArchLinux
ArchLinux
added 2017/12/02 12:0 a.m.23 views

[ASA-201712-2] cacti: multiple issues

Arch Linux Security Advisory ASA-201712-2 ========================================= Severity: High Date : 2017-12-02 CVE-ID : CVE-2017-16641 CVE-2017-16660 CVE-2017-16661 CVE-2017-16785 Package : cacti Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-537 Summary =====...

9CVSS2.6AI score0.04246EPSS
Exploits4References12
ArchLinux
ArchLinux
added 2017/08/12 12:0 a.m.45 views

[ASA-201708-7] mercurial: multiple issues

Arch Linux Security Advisory ASA-201708-7 ========================================= Severity: Critical Date : 2017-08-12 CVE-ID : CVE-2017-1000115 CVE-2017-1000116 Package : mercurial Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-378 Summary ======= The package...

10CVSS2.5AI score0.05734EPSS
Exploits1References4
ArchLinux
ArchLinux
added 2016/09/01 12:0 a.m.46 views

webkit2gtk: multiple issues

CVE-2016-4590 same-origin policy bypass xisigr of Tencents Xuanwu Lab discovered a vulnerability in the way webkit handles URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site. - CVE-2016-4591 arbitrary filesystem access ma.la of LINE Corporation discoveered...

7.8CVSS6.7AI score0.18843EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.30 views

SUSE: Security Advisory for wget (SUSE-SU-2014:1366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.1AI score0.39883EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2015/05/27 12:0 a.m.27 views

SUSE SLES11 Security Update : wget (SUSE-SU-2014:1366-2)

wget was updated to fix one security issue and two non-security issues : - FTP symbolic link arbitrary filesystem access CVE-2014-4877. - Fix displaying of download time bnc901276. - Fix 0 size FTP downloads after failure bnc885069. Note that Tenable Network Security has extracted the preceding...

9.3CVSS7.3AI score0.39883EPSS
Exploits4References8
0day.today
0day.today
added 2014/11/01 12:0 a.m.67 views

GNU Wget FTP Symlink Arbitrary Filesystem Access Exploit

This module exploits a vulnerability in Wget when used in recursive -r mode with a FTP server as a destination. A symlink is used to allow arbitrary writes to the target's filesystem. To specify content for the file, use the "file:/path" syntax for the TARGETDATA option. Tested successfully with...

9.3CVSS0.1AI score0.39883EPSS
Exploits4
Oracle linux
Oracle linux
added 2014/10/30 12:0 a.m.36 views

wget security update

1.14-10.1 - Fix CVE-2014-4877 wget: FTP symlink arbitrary filesystem access 1156135...

9.3CVSS2AI score0.39883EPSS
Exploits4
Packet Storm
Packet Storm
added 2004/07/28 12:0 a.m.30 views

IRM Security Advisory 9

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- IRM Security Advisory No. 009 RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities Vulnerablity Type / Importance: Network Subversion, Open Proxy, Brute-For...

0.5AI score
Exploits0
Rows per page
Query Builder