250 matches found
CVE-2024-27374
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsinanpublishgetnlparams, there is no input validation check on halreq-servicespecificinfolen coming from userspace, which can lead to a heap overwrite...
CVE-2024-12252
The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remoteupdate AJAX action in all versions up to, and including, 2.2.1. This makes it possible for unauthenticated attackers to overwrite the seo-beginner-auto-post.php file which can...
CVE-2024-20401
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying operating system. This vulnerability is due to improper handling of email attachments when file...
CVE-2024-45672
IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service...
CVE-2025-23051
An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary system files...
openSUSE Security Advisory (SUSE-SU-2024:4302-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-47613
A flaw was found in the gdk-pixbuf decoder in the GStreamer library. Processing a specially crafted input file can cause a NULL pointer dereference due to an unchecked return value, resulting in an application crash and a denial of service. Mitigation Do not process untrusted files with the...
SUSE-SU-2024:4295-1 Security update for socat
This update for socat fixes the following issues: - CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory in socat readline.sh bsc1225462...
SUSE-SU-2024:4294-1 Security update for socat
This update for socat fixes the following issues: - CVE-2024-54661: Fixed arbitrary file overwrite via predictable /tmp directory bsc1225462...
CVE-2024-5823
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions = 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files within the system. Exploiting this vulnerability can lead to unauthorized changes in system behavior...
CVE-2024-5823
A CVE-2024-5823 entry concerns a file overwrite vulnerability in gaizhenbiao/chuanhuchatgpt versions <= 20240410. The root cause: an insecure file handling path enables an attacker to overwrite critical configuration files, which can lead to unauthorized changes in system behavior or security ...
CVE-2024-5823 File Overwrite Vulnerability in gaizhenbiao/chuanhuchatgpt
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions = 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files within the system. Exploiting this vulnerability can lead to unauthorized changes in system behavior...
CVE-2024-5823 File Overwrite Vulnerability in gaizhenbiao/chuanhuchatgpt
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions = 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files within the system. Exploiting this vulnerability can lead to unauthorized changes in system behavior...
SAMSUNG Mobile Processor 安全漏洞
SAMSUNG Mobile Processor is a family of mobile processors from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile Processor, which stems from the function slsirxrangedoneind not performing an input validation check on rttid from userspace, resulting in a heap overwrite. The...
CVE-2024-41121 Custom workspace allow to overwrite plugin entrypoint executable in Woodpecker
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to extract the secrets w...
CVE-2024-27373
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsinanconfiggetnlparams, there is no input validation check on discattr-meshidlen coming from userspace, which can lead to a heap overwrite...
CVE-2024-27374
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsinanpublishgetnlparams, there is no input validation check on halreq-servicespecificinfolen coming from userspace, which can lead to a heap overwrite...
CVE-2024-27375
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsinanfollowupgetnlparams, there is no input validation check on halreq-sdeaservicespecificinfolen coming from userspace, which can lead to a heap overwrite...
CVE-2024-27376
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsinansubscribegetnlparams, there is no input validation check on halreq-rxmatchfilterlen coming from userspace, which can lead to a heap overwrite...
CVE-2024-21870
A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this...