CVE-2021-40981

ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory...

Bucket "h2o-release" publicly writable, allowing an attacker to replace any file

The S3 bucket "h2o-release" where you host docs and which you instruct your users to use as a Maven repo e.g. in here https://github.com/h2oai/h2o-3?tab=readme-ov-file3-using-h2o-3-artifacts is publicly writable. It is possible to overwrite any file in that bucket. As a PoC I created the followin...

Publicly writable directory

There are various methods in which a file or files may be uploaded to a webserver. One method that can be used is the HTTP PUT method. The PUT method is mainly used during development of applications and allows developers to upload or put files on the server within the web root. By nature of the...

Common Desktop Environment <= 2.1 20,Solaris <= 7.0 dtspcd Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/636/info This explanation is quoted from the initial post on this problem by Job De Hass. This message is available in its entirety in the 'Credit' section of this vulnerability entry. The CDE subprocess daemon...

Common Desktop Environment 2.1 20 Solaris 7.0 - dtspcd Local Privilege Escalation

Common Desktop Environment 2.1 20 Solaris 7.0 - dtspcd Local Privilege Escalation !/bin/sh source: https://www.securityfocus.com/bid/636/info This explanation is quoted from the initial post on this problem by Job De Hass. This message is available in its entirety in the 'Credit' section of this...