Lucene search
K

250 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/01 12:0 a.m.2 views

FreeBSD : LibreSSL -- overwrite and -read vulnerability (699ef80f-9e91-11f0-bc5f-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 699ef80f-9e91-11f0-bc5f-8447094a420f advisory. The LibreSSL project reports: An incorrect length check can result in a 4-byte overwrite and an 8-byte...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References3
Redos
Redos
added 2025/08/19 12:0 a.m.3 views

ROS-20250819-12

Vulnerability of configuration management and remote Salt operations execution system is related to incorrect input data validation in the findfile method of the GitFS class. Exploitation of the vulnerability could allow an attacker to manipulate files and directories Vulnerability in the Salt...

9.6CVSS7.7AI score0.00982EPSS
Exploits0
NVD
NVD
added 2025/07/30 3:15 p.m.25 views

CVE-2025-54433

Bugsink is a self-hosted error tracking service. In versions 1.4.2 and below, 1.5.0 through 1.5.4, 1.6.0 through 1.6.3, and 1.7.0 through 1.7.3, ingestion paths construct file locations directly from untrusted eventid input without validation. A specially crafted eventid can result in paths outsi...

7.2CVSS0.00538EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/06/13 8:18 a.m.22 views

CVE-2025-36506

External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a specially crafted request, arbitrary files in the file system can be overwritten with log data...

6.9CVSS0.00369EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/13 7:4 a.m.4 views

CVE-2025-22241 CVE-2025-22241 salt advisory

File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location a...

5.6CVSS7.3AI score0.00166EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:10 a.m.7 views

CVE-2024-54520

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files...

5.5CVSS7.1AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:18 a.m.9 views

CVE-2024-5823

A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions = 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files within the system. Exploiting this vulnerability can lead to unauthorized changes in system behavior...

9.1CVSS7.1AI score0.00527EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:9 a.m.15 views

CVE-2023-50254

Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...

9.3CVSS7.5AI score0.02118EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:47 a.m.4 views

CVE-2023-20091

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system. An attacker...

5.1CVSS6.8AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:49 p.m.8 views

CVE-2022-38730

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in...

6.3CVSS6.8AI score0.0029EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.6 views

CVE-2021-40036

The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution...

9.8CVSS7.1AI score0.00956EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:54 p.m.6 views

CVE-2020-12026

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control...

8.8CVSS7.1AI score0.02312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:42 p.m.6 views

CVE-2020-8581

Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled...

6.5CVSS6.8AI score0.00889EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:0 a.m.7 views

CVE-2019-15119

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.8CVSS6.6AI score0.00955EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:33 a.m.8 views

CVE-2013-1867

Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability...

6.3CVSS7.3AI score0.00394EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:15 a.m.8 views

CVE-2012-2627

d4d/uploader.php in the web console in Plixer Scrutinizer aka Dell SonicWALL Scrutinizer before 9.5.0 allows remote attackers to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request...

9.4CVSS7AI score0.05728EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:55 p.m.5 views

CVE-2003-0438

eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files...

1.2CVSS6.7AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 5:18 p.m.57 views

CVE-2025-20213

CVE-2025-20213 affects Cisco Catalyst SD-WAN Manager (SD-WAN vManage) with a vulnerability in the CLI that allows an authenticated, local attacker with valid read-only CLI credentials to overwrite arbitrary files on the local filesystem, potentially gaining root privileges. Root cause is improper...

5.5CVSS5.7AI score0.0014EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.3 views

Acronis Backup plugin for cPanel & WHM (Linux)和Acronis Backup extension for Plesk (Linux) 安全漏洞

Acronis Backup plugin for cPanel & WHM Linux and Acronis Backup extension for Plesk Linux are both plug-ins from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux and Acronis Backup extension for Plesk Linux, which stems from improper handling of...

5.5CVSS5.7AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/18 12:0 a.m.16 views

CVE-2024-57256

An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite...

7.1CVSS0.00365EPSS
Exploits0References2
Rows per page
Query Builder