EUVD-2018-0272

Malware in sbrugna...

EUVD-2025-6786

Malicious code in bioql PyPI...

EUVD-2023-27782

Malicious code in bioql PyPI...

Important: python-setuptools

Issue Overview: setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the...

CVE-2025-43026

A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write...

H2O Vulnerable to Denial of Service (DoS) and File Write

In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...

Unspecified Vulnerability in Siemens InterMesh Subscriber Devices (CNVD-2024-41573)

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. A security vulnerability exists in Siemens InterMesh Subscriber Devices, which can be exploited by an attacker to write arbitrary files to the web server's DocumentRoot directory...

CVE-2022-26520

In pgjdbc before 42.3.3, an attacker who controls the jdbc URL or properties can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat...

CVE-2014-4150

The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp...

CVE-2014-4199

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp...

CVE-2004-0426

rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...

Gast Arbeiter Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - ------------------------------------------------------------ NATOK security labs natok at hush.com October 20st, 2003 Privilege Escalation - - - ------------------------------------------------------------ - - - Overview Software : Gast Arbeiter...

ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed

ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed Apache::ASP http://www.nodeworks.com/asp/ had a security hole in its ./site/eg/source.asp distribution examples file, allowing a malicious hacker to potentially write to files in the directory local to the source.asp example script. The next versio...