Lucene search
+L

71 matches found

Tenable Nessus
Tenable Nessus
added 2020/11/06 12:0 a.m.41 views

EulerOS Virtualization 3.0.6.6 : openssh (EulerOS-SA-2020-2451)

According to the version of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a...

7.5CVSS7.6AI score0.02267EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2020/08/10 5:43 p.m.46 views

CVE-2020-15650

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings but not access the previous profile. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects...

5.5CVSS5.4AI score0.00635EPSS
Exploits0
Veracode
Veracode
added 2020/04/10 12:50 a.m.18 views

Arbitrary Files Overwrite

The Simple Protocol for Independent Computing Environments SPICE is vulnerable to Arbitrary Files Overwrite. It was found that the SPICE Firefox plug-in used a predictable name for its log file. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite...

3.3CVSS2.5AI score0.00314EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2019/11/21 11:15 p.m.22 views

CVE-2014-5254

xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a symlink attack and overwrite arbitrary files...

4.7CVSS5.5AI score0.00344EPSS
Exploits1References5
NVD
NVD
added 2019/11/13 10:15 p.m.27 views

CVE-2010-4817

pithos before 0.3.5 allows overwrite of arbitrary files via symlinks...

5.5CVSS5.6AI score0.00406EPSS
Exploits0References5
OSV
OSV
added 2019/10/16 7:15 p.m.5 views

CVE-2019-17436

A Local Privilege Escalation vulnerability exists in GlobalProtect Agent for Linux and Mac OS X version 5.0.4 and earlier and version 4.1.12 and earlier, that can allow non-root users to overwrite root files on the file system...

7.1CVSS7.1AI score0.0031EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/07/31 5:53 p.m.8 views

icedtea-web: path traversal while processing <jar/> elements of JNLP files results in arbitrary file overwrite

It was found that icedtea-web did not properly sanitize paths from elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user...

8.2CVSS5.8AI score0.02743EPSS
Exploits0References4
exploitpack
exploitpack
added 2018/12/04 12:0 a.m.48 views

Xorg X11 Server (AIX) - Local Privilege Escalation

Xorg X11 Server AIX - Local Privilege Escalation Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1 Filese...

7.2CVSS0.7AI score0.2704EPSS
Exploits39
ATTACKERKB
ATTACKERKB
added 2018/02/08 7:29 a.m.3 views

CVE-2018-0123

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of...

5.5CVSS5.7AI score0.00413EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/04/28 12:0 a.m.58 views

Debian DLA-921-1 : slurm-llnl security update

With this vulnerability arbitrary files can be overwritten on nodes running jobs provided that the user can run a job that is able to trigger a failure of a Prolog script. For Debian 7 'Wheezy', these problems have been fixed in version 2.3.4-2+deb7u1. We recommend that you upgrade your slurm-lln...

8.1CVSS8.3AI score0.02483EPSS
Exploits0References3
CNVD
CNVD
added 2016/05/17 12:0 a.m.7 views

eXtplorer Directory Traversal Vulnerability

eXtplorer is a PHP-based online file management program that supports online browsing of files and folders as well as logging into FTP servers as an FTP client. A directory traversal vulnerability exists in the unzip/extract functionality of eXtplorer version 2.1.9, which stems from the program...

7.8CVSS7AI score0.08679EPSS
Exploits5References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Ipswitch Instant Messaging 2.0.8.1 Multiple Security Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27677/info Ipswitch Instant Messaging is prone to multiple security vulnerabilities, including a denial-of-service vulnerability, a format-string vulnerability, and a vulnerability that allows attackers to overwrite...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2014/06/08 6:55 p.m.33 views

CVE-2014-3981

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file...

3.3CVSS7.2AI score0.00782EPSS
Exploits0References2
Prion
Prion
added 2014/03/14 5:55 p.m.20 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the timezone for the user via the lat and lng parameters to...

6.8CVSS7.8AI score0.00615EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2013/05/09 12:31 p.m.22 views

Directory traversal

Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal CVP Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted 1 HTTP or 2 HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369...

7.8CVSS7.2AI score0.02116EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2013/05/08 12:9 p.m.16 views

Directory traversal

Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to overwrite arbitrary files by leveraging access to the nagios account...

5.5CVSS6.9AI score0.01851EPSS
Exploits0References3Affected Software1
Exploit DB
Exploit DB
added 2010/07/12 12:0 a.m.24 views

Oracle Solaris 8/9/10 - &#039;flar&#039; Insecure Temporary File Creation

source: https://www.securityfocus.com/bid/41619/info Oracle Solaris is prone to an insecure temporary file creation vulnerability. A local attacker can exploit this issue to overwrite arbitrary files with the privileges of the affected process. This will likely result in denial-of-service...

7AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/12/03 5:30 p.m.33 views

CVE-2008-5313

mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the 1 f-prot-autoupdate, 2 clamav-autoupdate, 3 avast-autoupdate, and 4 f-prot-6-autoupdate scripts in /etc/MailScanner/autoupdate/;...

6.9CVSS6AI score0.00305EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2008/11/06 3:55 p.m.28 views

CVE-2008-4988

pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/pscal temporary file...

6.9CVSS6AI score0.00363EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2008/11/04 12:57 a.m.27 views

CVE-2008-4908

maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file...

3.3CVSS5.9AI score0.0029EPSS
Exploits0References1
Rows per page
Query Builder