91 matches found
CVE-2024-28171
It is possible to perform a path traversal attack and write outside of the intended directory. If a file name is specified that already exists on the file system, then the original file will be overwritten...
Privilege escalation
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation...
PT-2023-15475 · Imo.Im · Imo.Im
Name of the Vulnerable Software and Affected Versions: imo.im version 2022.11.1051 Description: A path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library...
VMware Workspace ONE Access Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access CVE-2022-22960', 'Description' = %q This module exploits CVE-2022-22960 which allows the user to overwrite the...
SUSE CVE-2017-10688
In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tifdirwrite.c. A crafted input will lead to a remote denial of service attack...
PT-2023-1328 · Atlassian · Jira Service Management Server
Name of the Vulnerable Software and Affected Versions: Jira Service Management Server and Data Center versions 5.3.0 through 5.5.0 Description: An authentication issue in Jira Service Management Server and Data Center allows an attacker to impersonate another user and gain access to a Jira Servic...
CVE-2022-22753
A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected.. This...
OFFIS DCMTK 路径遍历漏洞
OFFIS DCMTK is a collection of libraries and applications from OFFIS Germany that implement most of the DICOM standards. Software for examining, building and converting DICOM image files, processing offline media, sending and receiving images over a network connection, and demonstrating image...
Samba 4.13.x < 4.13.16 Arbitrary Directory Write
The version of Samba running on the remote host is 4.13.x prior to 4.13.16. It is, therefore, potentially affected by a SMB1 or NFS symlink race condition. A remote authenticated attacker, using the race condition, could potentially create a directory outside of the exported share. Note that Ness...
PT-2021-24298 · Unknown · Metersphere
Name of the Vulnerable Software and Affected Versions: Metersphere version 1.15.4 Description: An arbitrary file upload issue was discovered, allowing unauthenticated users to upload files to any directory. This could enable attackers to write a cron job for command execution. Recommendations: Fo...
CVE-2020-6024
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users...
CVE-2020-6024
Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users...
The vulnerability of the FTP server of the Internet Information Services network services on the XP-8741-Atom industrial controller allows a hacker to perform write operations on the root directory of the FTP server.
The vulnerability of the FTP server of the Internet Information Services network services on the XP-8741-Atom controller is due to deficiencies in the access restrictions for the anonymous user. Exploiting this vulnerability allows a malicious actor to perform write operations to the root directo...
B&R Automation Automation Studio Path Traversal Vulnerability
B&R Automation Automation Studio is an automation control system. A path traversal vulnerability exists in B&R Automation Automation Studio, which can be exploited by an attacker to write to certain local directories...
CVE-2020-10691
An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system. Mitigation A possibl...
DEBIAN-CVE-2019-8943
WordPress through 5.0.3 allows Path Traversal in wpcropimage. An attacker who has privileges to crop an image can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring...
WordPress path traversal vulnerability (CNVD-2019-31837)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress suffers from a path traversal vulnerability. An attacker can exploit this vulnerability to write an...
CVE-2018-18831
An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java in MCMS 4.6.5. An attacker can write a .jsp file in the position parameter to an arbitrary directory via a ../ Directory Traversal in the url parameter...
CVE-2018-13806
A vulnerability has been identified in SIEMENS TD Keypad Designer All versions. A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access...
ALPINE-CVE-2018-10963
The TIFFWriteDirectorySec function in tifdirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service assertion failure and application crash via a crafted file, a different vulnerability than CVE-2017-13726...