Lucene search
K

12 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-42346

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS5.9AI score
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-14361

The CVE-2026-14361 issue affects consul-template prior to 0.42.1, where the writeToFile helper opens the destination path directly and follows links in the path. This can allow template output to be written outside the intended directory or overwrite an existing file. The root cause is path redir...

4.7CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added yesterday7 views

CVE-2026-14361 Consul-template is vulnerable to path redirection in writeToFile through symlink attack

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added yesterday4 views

Consul-template vulnerable to path redirections in writeToFile

The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in consul-templat...

4.7CVSS5.9AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 3:0 p.m.11 views

CVE-2020-27869

This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the...

9CVSS7.5AI score0.05091EPSS
Exploits0
NVD
NVD
added 2021/09/20 4:15 p.m.26 views

CVE-2021-39544

An issue was discovered in sela through 20200412. file::WavFile::writeToFile in wavfile.c has a heap-based buffer overflow...

7.8CVSS0.00739EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/09/20 3:27 p.m.27 views

CVE-2021-39544

An issue was discovered in sela through 20200412. file::WavFile::writeToFile in wavfile.c has a heap-based buffer overflow...

7.9AI score0.00739EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2021/09/20 12:0 a.m.29 views

SolarWinds Network Performance Monitor WriteToFile SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the lack of proper...

8.8CVSS2.5AI score0.05091EPSS
Exploits0
CNNVD
CNNVD
added 2021/09/20 12:0 a.m.4 views

Sela 缓冲区错误漏洞

Sela is a lossless audio codec. A security vulnerability exists in sela, which stems from a heap-based buffer overflow in file::WavFile::writeToFile in wav file.c. The vulnerability is caused by a heap-based buffer overflow in file::WavFile::writeToFile...

7.8CVSS7.6AI score0.00739EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/02/11 11:35 p.m.18 views

CVE-2020-27869

This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM: 2020.2. Authentication is required to exploit this vulnerability. The specific flaw exists within the WriteToFile method. The issue results from the...

8.8CVSS9.1AI score0.05091EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/10/31 12:0 a.m.27 views

Oracle Business Transaction Management 'FlashTunnelService' 'WriteToFile' Message RCE

The remote web server is hosting a version of Oracle Business Transaction Management that is affected by a remote code execution vulnerability. The 'FlashTunnelService' web service does not require authentication and exposes the 'WriteToFile' function, which can allow a remote, unauthenticated...

6.2AI score
Exploits0References1
Saint
Saint
added 2012/08/17 12:0 a.m.30 views

Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability

Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...

0.4AI score
Exploits0
Rows per page
Query Builder