Lucene search
K

90 matches found

CNVD
CNVD
added 2018/05/10 12:0 a.m.3 views

LibTIFF Denial of Service Vulnerability (CNVD-2018-09656)

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains a number of command-line tools for processing TIFF files. A security vulnerability exists in the 'TIFFWriteDirectorySec' function in the tifdirwrite.c...

6.5CVSS6.8AI score0.03765EPSS
Exploits1References1
OSV
OSV
added 2017/06/29 11:29 p.m.2 views

DEBIAN-CVE-2017-10688

In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tifdirwrite.c. A crafted input will lead to a remote denial of service attack...

7.5CVSS6.7AI score0.06721EPSS
Exploits1References1
CNVD
CNVD
added 2017/04/26 12:0 a.m.6 views

Veritas System Recovery DLL Load Local Code Execution Vulnerability

Veritas System Recovery is a suite of disaster recovery software for virtual machines, servers and laptops from Veritas Technologies, USA. A local code execution vulnerability exists in the patch installer in versions prior to Veritas System Recovery 16 SP1. An attacker could exploit this...

9.3CVSS7.4AI score0.01059EPSS
Exploits0References1
OSV
OSV
added 2016/10/03 4:9 p.m.4 views

ALPINE-CVE-2016-3658

The TIFFWriteDirectoryTagLongLong8Array function in tifdirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read via vectors involving the ma variable...

7.5CVSS6.8AI score0.04001EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/13 12:0 a.m.4 views

Silicon Graphics LibTiff Denial of Service Vulnerability (CNVD-2016-02225)

Silicon Graphics LibTiff is the United States Silicon Graphics, Inc. of a read and write TIFF Tagged Image File Format file library. A denial of service vulnerability exists in the TIFFWriteDirectoryTagLongLong8Array function in the tifdirwrite.c file in Silicon Graphics LibTiff 4.0.6 and earlier...

7.5CVSS8.3AI score0.04001EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/02/18 11:0 a.m.35 views

CVE-2012-5375

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service prevention of file creation by leveraging the ability to write to a directory important to the victim, and creating a file with a crafted name that is associated with ...

5.7AI score0.00858EPSS
Exploits1References10
myhack58
myhack58
added 2012/09/06 12:0 a.m.35 views

WebDAV aeration directory write permissions vulnerability-vulnerability warning-the black bar safety net

Recently, the 3 6 0 Web sitessecurity testingplatform issued an emergency Safety notice, widely used communication Protocol WebDAV there is a directory write permission to the high-risk vulnerabilities, an attacker can upload arbitrary text files, and combined with the server to resolve the...

7.6AI score
Exploits0
Prion
Prion
added 2009/02/05 2:30 a.m.15 views

Design/Logic Flaw

Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the...

5.1CVSS6.9AI score0.05651EPSS
Exploits1References5Affected Software1
Metasploit
Metasploit
added 2009/01/16 12:0 a.m.14 views

Oracle MySQL for Microsoft Windows Payload Execution

This module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL = 5.5.9, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE...

2.2AI score
Exploits0
Slackware Linux
Slackware Linux
added 2004/05/03 1:6 p.m.36 views

rsync update

New rsync packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a security issue. When running an rsync server without the chroot option it is possible for an attacker to write outside of the allowed directory. Any sites running rsync in that mode should upgrade right away and...

5CVSS6.3AI score0.03404EPSS
Exploits0
Rows per page
Query Builder