Lucene search
K

217 matches found

BDU FSTEC
BDU FSTEC
added 2016/01/19 12:0 a.m.6 views

The vulnerability of the Mac OS X operating system, which allows a hacker to increase their privileges

The vulnerability of the kernel loader in the EFI component of the Mac OS X operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges through a specially created path name...

7.2CVSS7.2AI score0.00354EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2015/12/07 12:0 a.m.44 views

iniNet SpiderControl SCADA Web Server Service 2.02 Privilege Escalation

iniNet SpiderControl SCADA Web Server Service 2.02 Insecure File Permissions Vendor: iniNet Solutions GmbH Product web page: http://www.spidercontrol.net Affected version: 2.02.0000 Summary: Modular and automated engineering is provided for HMI and SCADA. The tools are developed to join a large...

0.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/09/23 12:0 a.m.7 views

The vulnerability of the libvdpau library, which allows a hacker to elevate their privileges

The vulnerability of the libvdpau library exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow a local attacker to increase their privileges by manipulating the VDPAUDRIVER variable...

7.2CVSS5.5AI score0.00505EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.6 views

The vulnerability of the Oracle Fusion Middleware software platform allows a perpetrator to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the Oracle Data Integrator sub-component of the Oracle Fusion Middleware software exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the...

6.8CVSS6.5AI score0.0189EPSS
Exploits0References2Affected Software1
Ubuntu
Ubuntu
added 2015/05/09 12:44 a.m.52 views

USN-2600-2: Linux kernel regression

USN-2600-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. Original advisory...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2015/05/09 12:36 a.m.32 views

USN-2598-2: Linux kernel regression

USN-2598-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. Original advisory...

5.4AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/2503/info Apache HTTPD is the Apache Web Server, freely distributed and actively maintained by the Apache Software Foundation. It is a freely available and widely used software package, included with various implementatio...

7.1AI score
Exploits0
OSV
OSV
added 2014/03/15 4:24 p.m.5 views

MGASA-2014-0129 Updated udisks and udisks2 packages fixes security vulnerability

A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon root CVE-2014-0004...

6.9CVSS6.7AI score0.0043EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
added 2011/04/11 12:0 a.m.20 views

Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Asset Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within a servlet provided within the Novell Zenworks distribution for...

10CVSS5.2AI score0.25428EPSS
Exploits5References1
seebug.org
seebug.org
added 2006/12/13 12:0 a.m.34 views

Winamp Web接口多个安全漏洞

Winamp Web接口(Wawi)是Winamp的一个开源插件,允许用户通过Web浏览器远程管理媒体播放器。 Wawi的实现后半辈子存在多个安全漏洞,具体如下: ----------------------------------- A FindBasicAuth缓冲区溢出 ----------------------------------- FindBasicAuth函数位于security.cpp,用于解析客户端请求中的Authorization...

7.1AI score
Exploits0
Prion
Prion
added 2006/05/12 9:2 p.m.17 views

Buffer overflow

Buffer overflow in the FTP server FTPServer in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling."...

6.5CVSS7.5AI score0.03526EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2006/05/12 9:0 p.m.20 views

CVE-2006-1445

Buffer overflow in the FTP server FTPServer in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling."...

7.2AI score0.03526EPSS
Exploits0References8
NVD
NVD
added 2005/05/03 4:0 a.m.18 views

CVE-2005-1450

Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact...

7.5CVSS6.6AI score0.01317EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/11/13 12:0 a.m.15 views

GLSA-200411-16 : zip: Path name buffer overflow

The remote host is affected by the vulnerability described in GLSA-200411-16 zip: Path name buffer overflow zip does not check the resulting path length when doing recursive folder compression. Impact : An attacker could exploit this by enticing another user or web application to create an archiv...

10CVSS6.2AI score0.09246EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2004/11/09 12:0 a.m.34 views

zip: Path name buffer overflow

Background zip is a compression and file packaging utility. Description zip does not check the resulting path length when doing recursive folder compression. Impact An attacker could exploit this by enticing another user or web application to create an archive including a specially-crafted path...

10CVSS3.3AI score0.09246EPSS
Exploits0
securityvulns
securityvulns
added 2002/03/27 12:0 a.m.58 views

d_path() truncating excessive long path name vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Name: Linux kernel Version: up to 2.2.20 and 2.4.18 Homepage: http://www.kernel.org/ Author: Wojciech Purczynski [email protected] Date: March 26, 2002 Issue: ====== In case of excessively long path names dpath kernel internal function returns truncated...

6.5AI score
Exploits0
NVD
NVD
added 2000/03/04 5:0 a.m.27 views

CVE-2000-0168

Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability...

5CVSS6.3AI score0.19598EPSS
Exploits0References3
Rows per page
Query Builder