
102 matches found

OSV
added 2026/06/01 3:12 p.m. | 6 views

USN-8360-1 sslh vulnerability

It was discovered that sslh did not properly handle symbolic links when writing its PID file. A local attacker could possibly use this issue to overwrite arbitrary files...

CVSS 9.3 | AI score 5.9 | EPSS 0.00158
Exploits: 0 | References: 2

Vulnrichment
added 2026/05/21 7:34 a.m. | 11 views

CVE-2026-44051 Arbitrary file read via attacker-controlled symlink creation

An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary files or overwrite arbitrary files via attacker-controlled symlink creation...

CVSS 8.1 | AI score 6 | EPSS 0.00477
Exploits: 0 | References: 1

Redos
added 2026/05/13 12:00 a.m. | 7 views

ROS-20260513-73-0016

Vulnerability in python-requests related to insecure temporary files. Exploitation of the vulnerability could allow an attacker to overwrite arbitrary files...

CVSS 5.5 | AI score 5.9 | EPSS 0.00182
Exploits: 0

Snyk
added 2026/05/05 9:15 p.m. | 11 views

External Control of File Name or Path

Overview: @evomap/evolver is a GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol (GEP) for auditable, reusable evolution assets. Affected versions of this package are vulnerable to External Control of File Name or Path via the fetch...

CVSS 8.8 | AI score 6.1
Exploits: 0 | References: 2

Cvelist
added 2026/02/19 8:34 a.m. | 30 views

CVE-2026-26359

Dell Unisphere for PowerMax, versions 10.2, contains an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files...

CVSS 8.8 | EPSS 0.00375
Exploits: 0 | References: 1

CNNVD
added 2025/08/12 12:00 a.m. | 1 view

Fortinet FortiManager and Fortinet FortiManager Cloud Path Traversal Vulnerability

Fortinet FortiManager and Fortinet FortiManager Cloud are both products of Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management...

CVSS 6.5 | AI score 6.7 | EPSS 0.0056
Exploits: 0 | References: 2

CNVD
added 2025/04/08 12:00 a.m. | 15 views

Apple Xcode Out-of-Bounds Write Vulnerability

Apple Xcode is an integrated development environment developed by Apple Inc. Apple Xcode suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause an application to overwrite arbitrary files...

CVSS 5.5 | AI score 7 | EPSS 0.00211
Exploits: 0 | References: 1

CNNVD
added 2025/01/27 12:00 a.m. | 3 views

Apple macOS Security Vulnerability

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 15.2, which originates from an application that may be able to overwrite arbitrary files...

CVSS 5.5 | AI score 7.2 | EPSS 0.00215
Exploits: 0 | References: 4

Tenable Nessus
added 2024/06/03 12:00 a.m. | 15 views

RHEL 6 : perltidy (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perltidy: insecure temporary file creation (CVE-2014-2277) - perltidy through 20160302, as used by...

CVSS 7.1 | AI score 6.6 | EPSS 0.00354
Exploits: 0 | References: 2

Tenable Nessus
added 2024/06/03 12:00 a.m. | 14 views

RHEL 7 : emacs (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - emacs: multiple temporary file issues (CVE-2014-3424) - emacs: command execution via shell metacharacters...

CVSS 9.8 | AI score 8.3 | EPSS 0.01603
Exploits: 0 | References: 6

Vulnrichment
added 2024/03/08 1:35 a.m. | 18 views

CVE-2024-23216

A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to overwrite arbitrary files...

AI score 7.2 | EPSS 0.00274
Exploits: 0 | References: 3

Cvelist
added 2024/02/12 6:23 p.m. | 19 views

CVE-2024-0167

Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in the svctopstats utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files on the file system with root privileges...

CVSS 7.8 | AI score 7.9 | EPSS 0.00806
Exploits: 0 | References: 1

BDU FSTEC
added 2023/10/05 12:00 a.m. | 3 views

A vulnerability in the Sandbox component of operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS allows an attacker to overwrite arbitrary files.

The vulnerability of the Sandbox component in operating systems such as iPadOS, tvOS, iOS, watchOS, and macOS arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to overwrite arbitrary files...

CVSS 7.1 | AI score 7.6 | EPSS 0.00366
Exploits: 0 | References: 8 | Affected Software: 5

Tenable Nessus
added 2023/07/20 12:00 a.m. | 32 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2023:2884-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2884-1 advisory. - Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile...

CVSS 9.8 | AI score 7.8 | EPSS 0.27095
Exploits: 6 | References: 8

Prion
added 2021/09/17 3:15 p.m. | 12 views

Design/Logic Flaw

The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery utility. An attacker with permissions to add or edit jobs run by this utility can inject an extra argument to overwrite arbitrary files as the root user on the Remote Collector...

CVSS 8.5 | AI score 8 | EPSS 0.0139
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2021/06/15 12:00 a.m. | 3 views

A vulnerability in the command-line interface of the Cisco SD-WAN software-defined network allows an attacker to overwrite arbitrary files.

The vulnerability in the command-line interface of the Cisco SD-WAN software-defined network relates to the use of files and directories accessible to external parties. Exploiting this vulnerability could allow an attacker to overwrite arbitrary files...

CVSS 4.9 | AI score 5.6 | EPSS 0.00229
Exploits: 0 | References: 3 | Affected Software: 1

CNNVD
added 2021/05/24 12:00 a.m. | 4 views

Apple macOS Big Sur Security Vulnerability

Apple macOS Big Sur is a mobile application app from Apple USA. A security vulnerability exists in macOS Big Sur, which originates from allowing a native application to overwrite arbitrary files. Affected Versions: macOS: 11.0 20A2411, 11.0.1 20B29, 11.0.1 20B50, 11.1 20C69, 11.2 20D64, 11.2.1...

CVSS 5.5 | AI score 6.4 | EPSS 0.00296
Exploits: 0 | References: 6

OSV
added 2021/03/24 8:15 p.m. | 5 views

CVE-2021-1434

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this...

CVSS 6 | AI score 6.7 | EPSS 0.0023
Exploits: 0 | References: 1

IBM Security Bulletins
added 2020/11/18 10:45 a.m. | 89 views

Security Bulletin: Vulnerability in OpenSSH affects IBM Integrated Analytics System

Summary: Red Hat-provided OpenSSH is used by IBM Integrated Analytics System. This bulletin provides mitigation for the reported CVE. Vulnerability Details: CVEID: CVE-2019-6109 DESCRIPTION: OpenSSH could allow a remote attacker to conduct spoofing attacks, caused by missing character encoding in th...

CVSS 6.8 | AI score 1 | EPSS 0.58204
Exploits: 10 | Affected Software: 1

Tenable Nessus
added 2020/10/07 12:00 a.m. | 30 views

Oracle Linux 7 : pcp (ELSA-2020-3869)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3869 advisory. 4.3.2-12 - Fix pcp-atop dynamic memory initialization issues BZ 1818710 4.3.2-8 - Fix rpm %post privilege escalation CVEs BZs 1815249, 1815528 - Resolv...

CVSS 8.4 | AI score 7.7 | EPSS 0.00475
Exploits: 2 | References: 3