Lucene search
K

9 matches found

Zero Day Initiative
Zero Day Initiative
added 2026/06/04 12:0 a.m.10 views

(Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS5.4AI score0.00987EPSS
Exploits0References1
OSV
OSV
added 2025/01/28 5:29 p.m.6 views

GHSA-6WXM-MPQJ-6JPF Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

7.2CVSS6.8AI score0.00281EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 4 : libsdp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libsdp: insecure log file handling CVE-2010-4173 Note that Nessus has not tested for this issue but has instead...

3.3CVSS6.7AI score0.00297EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 5 : libsdp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libsdp: insecure log file handling CVE-2010-4173 Note that Nessus has not tested for this issue but has instead...

3.3CVSS6.7AI score0.00297EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.26 views

RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...

7.7CVSS7.4AI score0.04905EPSS
Exploits10References71
OSV
OSV
added 2023/05/10 5:55 p.m.5 views

SUSE-SU-2023:2164-1 Security update for cloud-init

This update for cloud-init contains following fixes: - CVE-2021-3429: Do not write the generated password to the log file. bsc1184758 - CVE-2023-1786: Do not expose sensitive data gathered from the CSP. bsc1210277 Other fixes: - Change log file creation mode to 640. bsc1183939 - Write proper...

5.5CVSS5.5AI score0.00263EPSS
Exploits0References8
Mageia
Mageia
added 2017/02/20 1:0 p.m.58 views

Updated mariadb packages fix security vulnerability

Root Privilege Escalation CVE-2016-6664. Unspecified vulnerability affecting the Optimizer component CVE-2017-3238. Unspecified vulnerability affecting the Charsets component CVE-2017-3243. Unspecified vulnerability affecing the DML component CVE-2017-3244. Unspecified vulnerability affecting...

7CVSS1.7AI score0.04792EPSS
Exploits10References4
CNVD
CNVD
added 2016/03/04 12:0 a.m.6 views

Cisco Prime Infrastructure Remote Code Execution Vulnerability

Cisco Prime Infrastructure is a solution for wireless management through Cisco Technologies LMS and NCS. Cisco Prime Infrastructure has a remote code execution vulnerability in log file handling, which allows an authenticated, remote attacker to alter system file logs to execute arbitrary code...

8.8CVSS8.5AI score0.02235EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/05/18 12:0 a.m.6 views

The vulnerability of the Windows operating system allows a hacker to execute arbitrary code in the context of the current user.

The vulnerability of the Windows operating system exists due to incorrect handling of the event log file. The vulnerability can be exploited by opening the event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...

9.3CVSS5.9AI score0.17767EPSS
Exploits0References2
Rows per page
Query Builder