22 matches found
Acer ListCheck.exe Security Vulnerability
Acer ListCheck.exe is a version comparison and system checking tool from Acer Taiwan, China. A security vulnerability exists in Acer ListCheck.exe that originates from a file that can be replaced by a malicious file with the same name, which could result in a local elevation of privilege...
Regular Expression Denial of Service (ReDoS)
Overview: turndown is a library that converts HTML to Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the replacement function in commonmark-rules.js. An attacker can cause excessive resource consumption. PoC js const attackString =...
Regular Expression Denial of Service (ReDoS)
Overview: org.webjars.npm:turndown is a library that converts HTML to Markdown. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the replacement function in commonmark-rules.js. An attacker can cause excessive resource consumption. PoC js const...
CVE-2024-54099
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...
Huawei EMUI and HarmonyOS File Replacement Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is a full-scene distributed operating system based on a microkernel. A file replacement vulnerability exists in Huawei EMUI and HarmonyOS. An attacker could exploit this vulnerabilit...
CVE-2024-54099
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...
CVE-2024-54099
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...
CVE-2024-54099
CVE-2024-54099 concerns a file replacement vulnerability in Huawei EMUI and HarmonyOS. Multiple connected sources describe impact to integrity and confidentiality with local exploitation paths. The NVD entry lists a Local/Low-Complexity attack with Low privileges required (varies by source), and ...
CVE-2024-54099
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...
CVE-2024-54099
File replacement vulnerability on some devices Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...
Huawei EMUI and Huawei HarmonyOS Security Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is a full-scene distributed operating system based on a microkernel. A file replacement vulnerability exists in Huawei EMUI and HarmonyOS. An attacker could exploit this vulnerabilit...
nano security update
5.6.1-6 - fix emergency file replacement vulnerability RHEL-35237...
SUSE-SU-2024:3158-3 Security update for postgresql16
This update for postgresql16 fixes the following issues: - Upgrade to 15.8 (bsc#1229013) - CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013)...
Oracle Linux 8 : nano (ELSA-2024-6986)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-6986 advisory. 2.9.8-3 - fix incomplete backport of the fix for the emergency file replacement vulnerability RHEL-35236 2.9.8-2 - fix emergency file replacement vulnerability...
Important: Red Hat Security Advisory: postgresql:13 security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated...
Important: Red Hat Security Advisory: postgresql:13 security update
An update for the postgresql:13 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...
CVE-2024-40547
PublicCMS v4.0.202302.e was discovered to contain an arbitrary file content replacement vulnerability via the component /admin/cmsTemplate/replace...
PublicCMS Security Vulnerabilities
PublicCMS is an open source content management system (CMS) written in Java by PublicCMS China. A security vulnerability exists in PublicCMS version v4.0.202302.e, which originates from an arbitrary file content replacement vulnerability...
CVE-2024-31863 Apache Zeppelin: Replacing other users notebook, bypassing any permissions
Authentication Bypass by Spoofing vulnerability by replacing existing notes in Apache Zeppelin. This issue affects Apache Zeppelin: from 0.10.1 before 0.11.0. Users are recommended to upgrade to version 0.11.0, which fixes the issue...
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs in %WINDIR%\system32 with malicious ones...