12 matches found
EUVD-2026-42346
The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...
CVE-2026-14361
The CVE-2026-14361 issue affects consul-template prior to 0.42.1, where the writeToFile helper opens the destination path directly and follows links in the path. This can allow template output to be written outside the intended directory or overwrite an existing file. The root cause is path redir...
CVE-2026-14361 Consul-template is vulnerable to path redirection in writeToFile through symlink attack
The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...
Consul-template vulnerable to path redirections in writeToFile
The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...
CVE-2020-27869
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the...
CVE-2021-39544
An issue was discovered in sela through 20200412. file::WavFile::writeToFile in wavfile.c has a heap-based buffer overflow...
CVE-2021-39544
An issue was discovered in sela through 20200412. file::WavFile::writeToFile in wavfile.c has a heap-based buffer overflow...
SolarWinds Network Performance Monitor WriteToFile SQL Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the lack of proper...
Sela 缓冲区错误漏洞
Sela is a lossless audio codec. A security vulnerability exists in sela, which stems from a heap-based buffer overflow in file::WavFile::writeToFile in wav file.c. The vulnerability is caused by a heap-based buffer overflow in file::WavFile::writeToFile...
CVE-2020-27869
This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the...
Oracle Business Transaction Management 'FlashTunnelService' 'WriteToFile' Message RCE
The remote web server is hosting a version of Oracle Business Transaction Management that is affected by a remote code execution vulnerability. The 'FlashTunnelService' web service does not require authentication and exposes the 'WriteToFile' function, which can allow a remote, unauthenticated...
Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability
Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...