CVE-2017-9387

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called relay.sh which is used for creating new SSH relays for the device so that the device connects to Vera servers. All the parameters passed in this specific script are logged to a...

SIPp 3.6 - Local Buffer Overflow (PoC)

SIPp 3.6 - Local Buffer Overflow PoC Exploit Title: SIPp 3.6 - Local Buffer Overflow PoC Date: 2018-06-30 Exploit Author: Fakhri Zulkifli Vendor Homepage: http://sipp.sourceforge.net/ Software Link: https://github.com/SIPp/sipp/releases Version: 3.6-dev and earlier Tested on: 3.6-dev $ ./sipp -3p...

CVE-2016-10538

The package node-cli before 1.0.0 insecurely uses the lockfile and logfile. Both of these are temporary, but it allows the starting user to overwrite any file they have access to...

Design/Logic Flaw

The package node-cli before 1.0.0 insecurely uses the lockfile and logfile. Both of these are temporary, but it allows the starting user to overwrite any file they have access to...

CVE-2016-10538

CVE-2016-10538 affects node-cli prior to 1.0.0, where the process insecurely uses temporary files (lock_file and log_file). This design flaw enables the starting user to overwrite arbitrary files they have access to, due to predictable temporary file names. The core issue is the ability to create...

CVE-2016-10538

The package node-cli before 1.0.0 insecurely uses the lockfile and logfile. Both of these are temporary, but it allows the starting user to overwrite any file they have access to...

Уязвимость в Oracle Listener

Используя команды SET TRCFILE или SET LOGFILE пользователь может перезаписать любой файл своими данными...