JLSEC-2026-603

Symlink following in PostgreSQL pgbasebackup plain format and in pgrewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

UBUNTU-CVE-2026-6475

Symlink following in PostgreSQL pgbasebackup plain format and in pgrewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVE-2026-6475

Symlink following in PostgreSQL pgbasebackup plain format and in pgrewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

CVE-2026-6475 PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Symlink following in PostgreSQL pgbasebackup plain format and in pgrewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

EUVD-2026-8673

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...

CVE-2026-20122

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This...

ckermit 安全漏洞

ckermit is an open source serial communications software from The Kermit Project. A security vulnerability exists in ckermit 10.0 Beta.12 and earlier versions, which originates from a remote Kermit system that can overwrite or retrieve local files...

EUVD-2025-204003

mcp-server-git argument injection in gitdiff and gitcheckout functions allows overwriting local files...

CLSA-2025-1758228073 Fix CVE(s): CVE-2023-30630

SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630...

Tenable Agent 安全漏洞

Tenable Agent is a vulnerability scanning program from Tenable USA. Tenable Agent suffers from a security vulnerability that originates from a non-administrative user being able to overwrite arbitrary local system files with SYSTEM privileges. No details of the vulnerability are provided at this...

SUSE CVE-2023-30630

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed...

Moderate: Red Hat Security Advisory: curl security and bug fix update

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Mozilla Firefox ESR Resource Management Error Vulnerability (CNVD-2020-46332)

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR versions prior to 68.11 for Android-based platforms. The vulnerability can be exploited by an attacker with the help o...

PT-2020-3018 · Curl +7 · Curl +7

Name of the Vulnerable Software and Affected Versions: curl versions 7.20.0 through 7.70.0 Description: The issue exists due to a logical error in handling the Content-Disposition header of an HTTP response. This can allow a remote attacker to overwrite a local file. The vulnerability is related ...

LibreOffice Input Validation Error Vulnerability (CNVD-2020-35943)

LibreOffice is an open source office software suite from The Document Foundation TDF. The product includes applications such as Writer text documents, Calc spreadsheets and Impress presentations. A security vulnerability exists in LibreOffice versions prior to 6.4.4. An attacker can exploit the...

DEBIAN-CVE-2020-12803

ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need f...

Mozilla Firefox and Firefox ESR Arbitrary File Overwrite Vulnerability

Firefox is an open source Web browser ; Firefox ESR is an extended support version of Firefox.Graphite is a set of Python language , written using the Django framework for enterprise-class open source system monitoring tools . Mozilla Firefox and Firefox ESR have a security vulnerability in the...