402 matches found
HPE Intelligent Management Center PLAT Remote Code Execution Vulnerability (CNVD-2018-03952)
HPE Intelligent Management Center iMC PLAT is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A remote code execution vulnerability...
DEBIAN-CVE-2014-9485
Directory traversal vulnerability in the doextractcurrentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive...
CVE-2017-16929
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-12843
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted 1 SYNCAPPLY, 2 SYNCGET or 3 SYNCRESTORE command...
Inteno Router Information Disclosure Vulnerability
Inteno routers is a wireless router from Inteno Broadband Technologies in Sweden. A security vulnerability exists in Inteno routers, which stems from the program's failure to properly configure JUCI ACLs, which can be exploited to read and write files and add a root SSH key by sending JSON comman...
DEBIAN-CVE-2015-8326
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user...
CVE-2017-6650
A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An...
Quest Privilege Manager Elevation of Privilege Vulnerability
Quest Privilege Manager is a comprehensive solution for user privilege management that provides the core functionality needed to quickly elevate and manage user and administrative privileges. pmmasterd is one of the encryption programs. A security vulnerability exists in pmmasterd in Quest...
Fedora 24 : libupnp (2017-3bd0b2e2c0)
miniserver: fix binding to ipv6 link-local addresses - Fix out-of-bound access in createurllist CVE-2016-8863 - If the error or info log files can not be created, use stderr and stdout instead. - SF Bug Tracker 132 CVE-2016-6255: write files via POST Note that Tenable Network Security has...
libupnp: Multiple vulnerabilities
Background libupnp is a portable, open source, UPnP development kit. Description Multiple vulnerabilities have been discovered in libupnp. Please review the CVE identifiers referenced below for details. Impact A remote attack could arbitrarily write files to a users file system, cause a Denial of...
CVE-2016-8565
Siemens Automation License Manager ALM before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets...
CVE-2016-0917
The SMB service in EMC VNXe VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638, VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra all supported versions does not prevent duplicate NTLM challenge-response...
CVE-2016-6405
Cisco Fog Director 1.00 for IOx allows remote authenticated users to bypass intended access restrictions and write to arbitrary files via the Cartridge interface, aka Bug ID CSCuz89368...
Mozilla Firefox Updater Local File Write Vulnerability
Mozilla Firefox is an open source web browser; A security vulnerability in Mozilla Firefox's Updater allows local attackers to exploit the vulnerability to write arbitrary files...
SAP TREX Arbitrary File Modification Vulnerability
SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. An arbitrary file modification vulnerability exists in SAP TREX, which can be exploited by a remote attacker to read and write arbitrary files on the file system...
CVE-2016-3258
Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection mechanism and write to files by leveraging unspecified object-manager features, aka "Windows File System...
Exim 4.84-3 - Privilege Escalation
Exploit for windows platform in category local exploits !/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps 0day.today 2018-02-19...
The vulnerability of the microprogramming software in Janitza UMG 508, 509, 511, 604, 605 power supply monitoring systems allows a perpetrator to read and write files or execute JASIC code.
The vulnerability of the debugging interface of Microprogramming Software for Control System Chains of Janitza UMG models 508, 509, 511, 604, and 605 is related to the absence of an authentication procedure. Exploiting this vulnerability allows a malicious actor to read and write files, or execut...
Avast-0 Directory Traversal Vulnerability
Avast is a suite of antivirus software from the Czech company Avast Avast. A directory traversal vulnerability exists in versions prior to Avast 150918-0. This allows remote attackers to delete or write arbitrary files via crafted entries in ZIP archives, deletion or writing...
QNAP Systems QNAP QTS Directory Traversal Vulnerability
QNAP Systems QNAP QTS is a Turbo NAS operating system from QNAP Systems. A directory traversal vulnerability exists in QNAP Systems QNAP QTS. When AFP is enabled in the program, a remote attacker can read or write arbitrary files by submitting a special directory traversal request while accessing...