Lucene search
K

402 matches found

CNVD
CNVD
added 2018/01/31 12:0 a.m.5 views

HPE Intelligent Management Center PLAT Remote Code Execution Vulnerability (CNVD-2018-03952)

HPE Intelligent Management Center iMC PLAT is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A remote code execution vulnerability...

9.3CVSS8.6AI score0.11268EPSS
Exploits0References1
OSV
OSV
added 2018/01/16 7:29 p.m.5 views

DEBIAN-CVE-2014-9485

Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...

5.5CVSS7.1AI score0.04086EPSS
Exploits0References1
OSV
OSV
added 2017/12/05 9:29 a.m.5 views

CVE-2017-16929

The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...

8.1CVSS5.9AI score0.12889EPSS
Exploits4References3
Cvelist
Cvelist
added 2017/08/22 2:0 p.m.25 views

CVE-2017-12843

Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted 1 SYNCAPPLY, 2 SYNCGET or 3 SYNCRESTORE command...

6.2AI score0.01227EPSS
Exploits0References4
CNVD
CNVD
added 2017/07/26 12:0 a.m.3 views

Inteno Router Information Disclosure Vulnerability

Inteno routers is a wireless router from Inteno Broadband Technologies in Sweden. A security vulnerability exists in Inteno routers, which stems from the program's failure to properly configure JUCI ACLs, which can be exploited to read and write files and add a root SSH key by sending JSON comman...

9CVSS8.9AI score0.01197EPSS
Exploits1References1
OSV
OSV
added 2017/06/07 2:29 p.m.5 views

DEBIAN-CVE-2015-8326

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...

5.5CVSS5.3AI score0.00432EPSS
Exploits0References1
OSV
OSV
added 2017/05/22 1:29 a.m.3 views

CVE-2017-6650

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An...

7.8CVSS5.9AI score0.00886EPSS
Exploits0References3
CNVD
CNVD
added 2017/05/10 12:0 a.m.7 views

Quest Privilege Manager Elevation of Privilege Vulnerability

Quest Privilege Manager is a comprehensive solution for user privilege management that provides the core functionality needed to quickly elevate and manage user and administrative privileges. pmmasterd is one of the encryption programs. A security vulnerability exists in pmmasterd in Quest...

9CVSS7.9AI score0.15564EPSS
Exploits6References1
Tenable Nessus
Tenable Nessus
added 2017/03/14 12:0 a.m.40 views

Fedora 24 : libupnp (2017-3bd0b2e2c0)

miniserver: fix binding to ipv6 link-local addresses - Fix out-of-bound access in createurllist CVE-2016-8863 - If the error or info log files can not be created, use stderr and stdout instead. - SF Bug Tracker 132 CVE-2016-6255: write files via POST Note that Tenable Network Security has...

9.8CVSS7.9AI score0.26818EPSS
Exploits4References4
Gentoo Linux
Gentoo Linux
added 2017/01/23 12:0 a.m.58 views

libupnp: Multiple vulnerabilities

Background libupnp is a portable, open source, UPnP development kit. Description Multiple vulnerabilities have been discovered in libupnp. Please review the CVE identifiers referenced below for details. Impact A remote attack could arbitrarily write files to a users file system, cause a Denial of...

9.8CVSS2.6AI score0.26818EPSS
Exploits4
OSV
OSV
added 2016/10/13 10:59 a.m.5 views

CVE-2016-8565

Siemens Automation License Manager ALM before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets...

9.1CVSS5.8AI score0.02909EPSS
Exploits0References4
Cvelist
Cvelist
added 2016/09/21 1:0 a.m.36 views

CVE-2016-0917

The SMB service in EMC VNXe VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638, VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra all supported versions does not prevent duplicate NTLM challenge-response...

9.8AI score0.04181EPSS
Exploits0References4
NVD
NVD
added 2016/09/18 10:59 p.m.9 views

CVE-2016-6405

Cisco Fog Director 1.00 for IOx allows remote authenticated users to bypass intended access restrictions and write to arbitrary files via the Cartridge interface, aka Bug ID CSCuz89368...

6.8CVSS6.4AI score0.01171EPSS
Exploits0References2
CNVD
CNVD
added 2016/08/07 12:0 a.m.4 views

Mozilla Firefox Updater Local File Write Vulnerability

Mozilla Firefox is an open source web browser; A security vulnerability in Mozilla Firefox's Updater allows local attackers to exploit the vulnerability to write arbitrary files...

4.7CVSS8.5AI score0.00245EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/29 12:0 a.m.4 views

SAP TREX Arbitrary File Modification Vulnerability

SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. An arbitrary file modification vulnerability exists in SAP TREX, which can be exploited by a remote attacker to read and write arbitrary files on the file system...

9.8CVSS7AI score0.05532EPSS
Exploits0References1
OSV
OSV
added 2016/07/13 1:59 a.m.2 views

CVE-2016-3258

Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System...

4.7CVSS5.8AI score
Exploits0References3
0day.today
0day.today
added 2016/03/09 12:0 a.m.275 views

Exim 4.84-3 - Privilege Escalation

Exploit for windows platform in category local exploits !/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps 0day.today 2018-02-19...

6.9CVSS0.3AI score0.05901EPSS
Exploits13
BDU FSTEC
BDU FSTEC
added 2015/11/20 12:0 a.m.9 views

The vulnerability of the microprogramming software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems allows a perpetrator to read and write files or execute JASIC code.

The vulnerability of the debugging interface of Microprogramming Software for Control System Chains of Janitza UMG models 508, 509, 511, 604, and 605 is related to the absence of an authentication procedure. Exploiting this vulnerability allows a malicious actor to read and write files, or execut...

7.5CVSS5.7AI score0.01623EPSS
Exploits0References2
CNVD
CNVD
added 2015/10/22 12:0 a.m.4 views

Avast-0 Directory Traversal Vulnerability

Avast is a suite of antivirus software from the Czech company Avast Avast. A directory traversal vulnerability exists in versions prior to Avast 150918-0. This allows remote attackers to delete or write arbitrary files via crafted entries in ZIP archives, deletion or writing...

6.4CVSS7AI score0.02969EPSS
Exploits0References1
CNVD
CNVD
added 2015/10/18 12:0 a.m.5 views

QNAP Systems QNAP QTS Directory Traversal Vulnerability

QNAP Systems QNAP QTS is a Turbo NAS operating system from QNAP Systems. A directory traversal vulnerability exists in QNAP Systems QNAP QTS. When AFP is enabled in the program, a remote attacker can read or write arbitrary files by submitting a special directory traversal request while accessing...

9.3CVSS7.1AI score0.04077EPSS
Exploits0References1
Rows per page
Query Builder