CVE-2022-23522
MindsDB is an open source machine learning platform. An unsafe extraction is being performed using shutil.unpack_archive from a remotely retrieved tarball, which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip...
EUVD-2020-17927
Malware in sbrugna...
EUVD-2023-47502
Malicious code in bioql PyPI...
GHSA-277F-37GW-9GMQ raspap-webgui has a Directory Traversal vulnerability
RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/getwgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the entity parameter to overwrite arbitrary files writable by the web server via abuse of the tee command use...
CVE-2023-43081
PowerProtect Agent for File System Version 19.14 and prior contains an incorrect default permissions vulnerability in the ddfscon component. A low-privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files...
AnNoText ADVOAkte multiple security vulnerabilities
Buffer overflow and file overwriting in ActiveX component...
CVE-2007-1444
netserver in netperf 2.4.3 allows local users to overwrite arbitrary files via a symlink attack on /tmp/netperf.debug...
Opera 7 multiple bugs
Cross-site scripting including local zone, local file access, mail access, user activity tracking, etc. Buffer overflow. Directory traversal. File overwriting. Local file access with Location overwriting. Multiple Java bugs...
MacOS X browsers file overwriting and script execution (multiple bugs)
By using a vulnerability in telnet: protocol handling, it's possible to add the -f option to the telnet command line. The help: protocol handler allows script execution via the help: command...
CVE-1999-0370
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files...