Race condition in xterm allows local users to modify arbitrary files via the logging option.

...

Archive_Tar: directory traversal due to inadequate checking of symbolic links

A flaw was found in the ArchiveTar package. ArchiveTar could allow a remote attacker to traverse directories on the system caused by inadequate checking of symbolic links. An attacker could send a specially-crafted URL request to the Tar.php script containing "dot dot" sequences /../ to modify...

GHSA-V2GW-X5JF-PGWV Mercurial Directory traversal vulnerability

Directory traversal vulnerability in patch.py in Mercurial before 1.0.2 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

CVE-2019-14397

cPanel before 80.0.5 allows demo accounts to modify arbitrary files via the extractfile API1 call SEC-496...

Cisco StarOS Remote Security Bypass Vulnerability

Cisco StarOS is the United States Cisco Cisco company's set of operating systems running in the 5000 and other series of router equipment. A remote security bypass vulnerability exists in Cisco StarOS, which can be exploited by a remote authenticated attacker to modify arbitrary files. The...

Cisco AnyConnect Secure Mobility Client IPC Command File Modification Vulnerability

Cisco AnyConnect Secure Mobility is a secure enterprise mobility solution. Cisco AnyConnect Secure Mobility Client fails to properly validate IPC commands, allowing a local attacker to exploit the vulnerability to modify arbitrary files with elevated privileges...

CVE-2014-1934

tag.py in eyeD3 aka python-eyed3 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file...

CVE-2014-1833

Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink...

CVE-2014-1833

Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar file, related to a symlink...

CVE-2014-0027

The playwavefromsocket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information...

CVE-2010-0396

Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote attackers to modify arbitrary files via a crafted Debian source archive...

CVE-2008-2942

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." dot dot sequences in a patch file...

CVE-2007-5689

The Java Virtual Machine JVM in Sun Java Runtime Environment JRE in SDK and JRE 1.3.x through 1.3.120 and 1.4.x through 1.4.215, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via...

CVE-2006-3406

Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. dot dot sequence in the edit parameter...