19 matches found

RedHat Linux
added 2026/06/22 6:34 a.m. · 6 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pg_basebackup plain format and pg_rewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

CVSS 8.8 · AI score 6 · EPSS 0.00324
Exploits 0 · References 5
RedHat Linux
added 2026/06/22 6:10 a.m. · 6 views

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pg_basebackup plain format and pg_rewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

CVSS 8.8 · AI score 6 · EPSS 0.00324
Exploits 0 · References 5
OSV
added 2026/06/08 1:54 p.m. · 7 views

JLSEC-2026-603

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVSS 8.8 · AI score 5.5 · EPSS 0.00324
Exploits 0 · References 1
OSV
added 2026/05/14 2:16 p.m. · 4 views

UBUNTU-CVE-2026-6475

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVSS 8.8 · AI score 5.8 · EPSS 0.00324
Exploits 0 · References 5
ATTACKERKB
added 2026/05/14 1:00 p.m. · 7 views

CVE-2026-6475

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVSS 8.8 · AI score 5.8 · EPSS 0.00324
Exploits 0 · References 2
Vulnrichment
added 2026/05/14 1:00 p.m. · 7 views

CVE-2026-6475 PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVSS 8.8 · AI score 5.8 · EPSS 0.00324
Exploits 0 · References 1
EUVD
added 2026/02/25 6:31 p.m. · 7 views

EUVD-2026-8673

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...

CVSS 5.4 · AI score 5.8 · EPSS 0.07016
Exploits 0 · References 2
OSV
added 2026/02/25 5:25 p.m. · 4 views

CVE-2026-20122

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...

CVSS 5.4 · AI score 5.9 · EPSS 0.07016
Exploits 0 · References 1
CNNVD
added 2025/12/24 12:00 a.m. · 4 views

ckermit Security Vulnerability

ckermit is an open source serial communications software from The Kermit Project. A security vulnerability exists in ckermit 10.0 Beta.12 and earlier versions, which originates from a remote Kermit system that can overwrite or retrieve local files...

CVSS 8.9 · AI score 6.3 · EPSS 0.00373
Exploits 0 · References 4
EUVD
added 2025/12/17 10:50 p.m. · 4 views

EUVD-2025-204003

mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files...

CVSS 6.3 · AI score 6.4 · EPSS 0.0728
Exploits 0 · References 2
OSV
added 2025/09/18 8:41 p.m. · 6 views

CLSA-2025-1758228073 Fix CVE(s): CVE-2023-30630

SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630...

CVSS 7.1 · AI score 6.7 · EPSS 0.00523
Exploits 1 · References 1
CNNVD
added 2025/06/13 12:00 a.m. · 3 views

Tenable Agent Security Vulnerability

Tenable Agent is a vulnerability scanning program from Tenable USA. Tenable Agent suffers from a security vulnerability that originates from a non-administrative user being able to overwrite arbitrary local system files with SYSTEM privileges. No details of the vulnerability are provided at this...

CVSS 8.4 · AI score 6.7 · EPSS 0.0016
Exploits 0 · References 1
SUSE CVE
added 2023/04/15 1:58 a.m. · 2 views

SUSE CVE-2023-30630

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed...

CVSS 6.2 · AI score 7.7 · EPSS 0.00523
Exploits 1 · References 13
RedHat Linux
added 2020/11/04 1:14 a.m. · 65 views

Moderate: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...

CVSS 7.8 · AI score 6.7 · EPSS 0.01236
Exploits 1 · References 4
CNVD
added 2020/08/12 12:00 a.m. · 2 views

Mozilla Firefox ESR Resource Management Error Vulnerability (CNVD-2020-46332)

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR versions prior to 68.11 for Android-based platforms. The vulnerability can be exploited by an attacker with the help o...

CVSS 5.5 · AI score 6.4 · EPSS 0.00635
Exploits 0 · References 1
Positive Technologies
added 2020/06/24 12:00 a.m. · 3 views

PT-2020-3018 · Curl +7

Name of the Vulnerable Software and Affected Versions: curl versions 7.20.0 through 7.70.0. Description: The issue exists due to a logical error in handling the Content-Disposition header of an HTTP response. This can allow a remote attacker to overwrite a local file. The vulnerability is related ...

CVSS 9.8 · AI score 6.4 · EPSS 0.17939
Exploits 7 · References 109
CNVD
added 2020/06/09 12:00 a.m. · 1 views

LibreOffice Input Validation Error Vulnerability (CNVD-2020-35943)

LibreOffice is an open source office software suite from The Document Foundation (TDF). The product includes applications such as Writer text documents, Calc spreadsheets and Impress presentations. A security vulnerability exists in LibreOffice versions prior to 6.4.4. An attacker can exploit the...

CVSS 6.5 · AI score 9.1 · EPSS 0.01712
Exploits 0 · References 1
OSV
added 2020/06/08 4:15 p.m. · 1 views

DEBIAN-CVE-2020-12803

ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need f...

CVSS 6.5 · AI score 6.2 · EPSS 0.01712
Exploits 0 · References 1
CNVD
added 2016/03/13 12:00 a.m. · 4 views

Mozilla Firefox and Firefox ESR Arbitrary File Overwrite Vulnerability

Firefox is an open source Web browser; Firefox ESR is an extended support version of Firefox. Graphite is a set of enterprise-class open source system monitoring tools written in Python using the Django framework. Mozilla Firefox and Firefox ESR have a security vulnerability in the...

CVSS 8.8 · AI score 8.9 · EPSS 0.02339
Exploits 0 · References 1