Lucene search
K

22 matches found

Microsoft CVE
Microsoft CVE
added 2025/10/02 6:10 a.m.7 views

Race condition in xterm allows local users to modify arbitrary files via the logging option.

...

6.2CVSS7AI score0.00334EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/01/23 12:0 a.m.6 views

The vulnerability of the Beta Access Utility component of the macOS operating system, related to vulnerabilities in access control, allows a malicious individual to modify arbitrary files.

The vulnerability of the Beta Access Utility component of the macOS operating system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to modify arbitrary files...

5.5CVSS6.8AI score0.00227EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/02 4:38 p.m.7 views

Archive_Tar: directory traversal due to inadequate checking of symbolic links

A flaw was found in the ArchiveTar package. ArchiveTar could allow a remote attacker to traverse directories on the system caused by inadequate checking of symbolic links. An attacker could send a specially-crafted URL request to the Tar.php script containing "dot dot" sequences /../ to modify...

7.5CVSS5.9AI score0.70595EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/10/20 12:0 a.m.7 views

The vulnerability of the Apache Struts software platform, related to deficiencies in access control, allows attackers to modify any arbitrary files.

The vulnerability of the Apache Struts software platform is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to modify arbitrary files remotely...

5.3CVSS7.8AI score0.28628EPSS
Exploits0References7Affected Software2
OSV
OSV
added 2022/05/02 3:38 a.m.12 views

GHSA-9RJ9-5WCV-XGF2 Roundup Improper Access Control

The EditCSVAction function in cgi/actions.py in Roundup 1.2 before 1.2.1, 1.4 through 1.4.6, and possibly other versions does not properly check permissions, which allows remote authenticated users with edit or create privileges for a class to modify arbitrary items within that class, as...

5.5CVSS6.1AI score0.02322EPSS
Exploits0References12
OSV
OSV
added 2022/05/01 11:55 p.m.14 views

GHSA-V2GW-X5JF-PGWV Mercurial Directory traversal vulnerability

Directory traversal vulnerability in patch.py in Mercurial before 1.0.2 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

6.8CVSS9.1AI score0.01885EPSS
Exploits3References15
OSV
OSV
added 2019/07/30 3:15 p.m.5 views

CVE-2019-14397

cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call SEC-496...

5.3CVSS6.2AI score0.00767EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/09 12:0 a.m.2 views

Cisco StarOS Remote Security Bypass Vulnerability

Cisco StarOS is the United States Cisco Cisco company's set of operating systems running in the 5000 and other series of router equipment. A remote security bypass vulnerability exists in Cisco StarOS, which can be exploited by a remote authenticated attacker to modify arbitrary files. The...

4.9CVSS7AI score0.0128EPSS
Exploits0References1
CNVD
CNVD
added 2015/10/11 12:0 a.m.4 views

Cisco AnyConnect Secure Mobility Client IPC Command File Modification Vulnerability

Cisco AnyConnect Secure Mobility is a secure enterprise mobility solution. Cisco AnyConnect Secure Mobility Client fails to properly validate IPC commands, allowing a local attacker to exploit the vulnerability to modify arbitrary files with elevated privileges...

6.6CVSS6.8AI score0.00383EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2014/05/08 2:29 p.m.17 views

CVE-2014-1934

tag.py in eyeD3 aka python-eyed3 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file...

3.3CVSS5.9AI score0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/02/05 6:0 p.m.27 views

CVE-2014-1833

Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink...

6.4AI score0.0373EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2014/02/05 6:0 p.m.14 views

CVE-2014-1833

Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink...

5CVSS6.5AI score0.0373EPSS
Exploits0
Cvelist
Cvelist
added 2014/01/26 1:0 a.m.33 views

CVE-2014-0027

The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...

6AI score0.00331EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2013/04/17 12:0 a.m.27 views

CVE-2013-2423

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented...

4.3CVSS5AI score0.85333EPSS
In wildExploits6References18
UbuntuCve
UbuntuCve
added 2010/03/11 12:0 a.m.24 views

CVE-2010-0396

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

5.8CVSS6AI score0.02007EPSS
Exploits0References2
Cvelist
Cvelist
added 2009/08/11 10:0 a.m.20 views

CVE-2009-2737

The EditCSVAction function in cgi/actions.py in Roundup 1.2 before 1.2.1, 1.4 through 1.4.6, and possibly other versions does not properly check permissions, which allows remote authenticated users with edit or create privileges for a class to modify arbitrary items within that class, as...

6.3AI score0.02322EPSS
Exploits0References9
NVD
NVD
added 2008/06/30 8:41 p.m.14 views

CVE-2008-2942

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

6.8CVSS6.4AI score0.01885EPSS
Exploits3References13
UbuntuCve
UbuntuCve
added 2007/10/29 7:46 p.m.35 views

CVE-2007-5689

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

10CVSS6.1AI score0.0503EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2007/06/07 10:30 p.m.6 views

security flaw

slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List ACL privileges to modify arbitrary Distinguished Names DN...

2.3CVSS5.9AI score0.02658EPSS
Exploits0References4
Prion
Prion
added 2007/02/14 11:28 a.m.16 views

Design/Logic Flaw

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...

7.5CVSS7AI score0.01126EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder