406 matches found
EUVD-2016-0756
Malware in sbrugna...
EUVD-2011-1089
Malware in sbrugna...
EUVD-2019-9308
Malware in sbrugna...
EUVD-2017-9515
Malware in sbrugna...
EUVD-2018-13440
Malware in sbrugna...
EUVD-2017-9567
Malware in sbrugna...
EUVD-2022-31735
Malicious code in bioql PyPI...
EUVD-2023-55653
Malicious code in bioql PyPI...
Arbitrary File Upload
Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the fileUploadHandler process. An attacker can write arbitrary files to the filesystem by supplying crafted values to the fc.Name parameter, which is not properly sanitized, allowing directory traversal. This c...
Arbitrary File Upload
Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the fileUploadHandler process. An attacker can write arbitrary files to the filesystem by supplying crafted values to the fc.Name parameter, which is not properly sanitized, allowing directory traversal. This c...
Arbitrary File Upload
Overview Affected versions of this package are vulnerable to Arbitrary File Upload via the fileUploadHandler process. An attacker can write arbitrary files to the filesystem by supplying crafted values to the fc.Name parameter, which is not properly sanitized, allowing directory traversal. This c...
CVE-2020-25758
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...
CVE-2018-20902
cPanel before 71.9980.37 allows attackers to read root's crontab file by leveraging ClamAV installation SEC-408...
CVE-2018-20942
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon configuring crontab SEC-351...
CVE-2017-18399
cPanel before 68.0.15 allows attackers to read root's crontab file during a short time interval upon enabling or disabling sqloptimizer SEC-332...
CVE-2011-1075
FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File function, which takes a pathname as an argument, and is called with euid 0. A race condition in this process ma...
CVE-2018-20943
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task SEC-352...
CVE-2018-20940
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon the enabling of backups SEC-342...
CVE-2018-20927
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing SEC-382...
CVE-1999-1589
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors...