EUVD-2011-1150

Malware in sbrugna...

CVE-2011-1136

In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file...

CVE-2018-9468

In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-3116

in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions...

The vulnerability of the key-delete function in Moxa’s TN-4900 and TN-5900 series microprogrammable router software allows for the creation or re-write of arbitrary files within the system.

The vulnerability of the key-delete function in Moxa’s TN-4900 and TN-5900 series microprogrammable router software is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to create or re-record arbitrary files within the system remotely...

The vulnerability of the command-line interface (CLI) of the Cisco Nexus Dashboard, a platform for analytics and automation of cloud network management, allows a attacker to re-write any files.

The vulnerability of the command-line interface CLI of the Cisco Nexus Dashboard platform for analyzing and automating cloud network management involves insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to re-write any files on the vulnerable devic...

The vulnerability of the Velociraptor incident analysis software allows a hacker to re-write any file they desire.

The vulnerability of the Velociraptor incident analysis software relates to an improper definition of the link before accessing a file. Exploiting this vulnerability could allow an attacker to re-record any file...

CVE-2022-26019

Improper access control vulnerability in pfSense CE and pfSense Plus pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result ...

Netgate pfSense CE 路径遍历漏洞

Netgate pfSense CE is a free and open source FreeBSD-based firewall and router software. A security vulnerability exists in Netgate pfSense CE, where an attacker with the right to change the NTP GPS settings could rewrite existing files on the file system, resulting in arbitrary command execution...

The vulnerability of the API of the Cisco Expressway Series and Cisco Telepresence VCS conference communication devices allows a hacker to re-record arbitrary files on the host operating system as the root user.

The vulnerability of the API of the Cisco Expressway Series and Cisco Telepresence VCS conference communication devices relates to insufficient validation of command arguments entered by users. Exploiting this vulnerability allows a malicious actor to re-write any files on the underlying operatin...

The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN software allows a attacker to re-record any files.

The vulnerability of the Cisco IOS XE SD-WAN software’s command-line interface is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow a attacker to re-write any files at will...

The vulnerability of the Adobe Genuine Service application checking service, related to errors in processing symbolic links, allows a perpetrator to re-record arbitrary files and increase their privileges.

The vulnerability of the Adobe Genuine Service application checking service is related to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to rewrite arbitrary files and increase their privileges...

Arbitrary File Rewrite

spring-integration-zip is vulnerable to an arbitrary file rewrite aka a zip slip vulnerability. An incomplete fix of CVE-2018-1263 allows an attacker to send a malicious zip archive bzip2, tar, xz, war, cpio, 7z with path traversal filenames, leading to writing of files outside of the target...

The vulnerability in the internal file management service of the Cisco NX-OS operating system for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches allows a attacker to rewrite arbitrary files.

The vulnerability of the internal file management service in the Cisco NX-OS operating system for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches lies in the use of files and directories accessible from external parties. Exploiting this vulnerability allows a malicious actor...

The vulnerability of the command syntax analyzer in Cisco IOS and Cisco IOS XE operating systems allows a attacker to re-write any files in the host’s basic file system.

The vulnerability of the command syntax analyzer in Cisco IOS and Cisco IOS XE operating systems is related to errors during the verification of command parameters. Exploiting this vulnerability can allow an attacker to re-write any files in the host’s basic file system...

The configuration function vulnerability of the Cisco Nexus Data Broker allows a perpetrator to rerecord arbitrary files.

The vulnerability of the configuration function of the Cisco Nexus Data Broker lies in insufficient verification of configuration backup files. Exploiting this vulnerability allows a malicious actor to rewrite any files at will...

The vulnerability of the REST API implementation of the Cisco Edge Fog Fabric data processing platform allows a attacker to re-write any files in the operating system of the vulnerable device.

The vulnerability of the REST API implementation of the Cisco Edge Fog Fabric data processing platform involves exposing resources to an unauthorized area. Exploiting this vulnerability could allow a malicious actor to rewrite any files in the operating system of the vulnerable device remotely...

Arbitrary File Rewrite

The cpio packages is vulnerable to Arbitrary File Rewrite. Improper input validation when writing tar header fields leads to unexpect tar generation...

The vulnerability of the Application Framework component of the Cisco Iox software platform allows a perpetrator to re-write any files they desire.

The vulnerability of the Application Framework component of the Cisco Iox software platform is related to errors in processing symbolic links. Exploiting this vulnerability could allow an attacker to re-write any files at will...

The software for managing Cisco Firepower Device Manager On-Box devices is vulnerable due to insufficient validation of input data. This vulnerability allows a perpetrator to rewrite any files in the basic operating system of the vulnerable device.

The software vulnerability of Cisco Firepower Device Manager On-Box exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to rewrite any files in the basic operating system of the vulnerable device by loading a malicious file...