Total
685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1840 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 6.8 MEDIUM | 6.0 MEDIUM |
|
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated privileges on the system, caused when a security domain is configured to use a federated repository other than global federated repository and then migrated to a newer release of WebSphere Application Server. IBM X-Force ID: 150813.
|
|||||
| CVE-2018-18068 | 1 Raspberrypi | 2 Raspberry Pi 3 Model B\+, Raspberry Pi 3 Model B\+ Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug target processor B running in any privilege level, the debugging feature allows A to halt B and promote B to any privilege level. As a debug host, A has full control of B even if B owns a higher privil ...
Show More |
|||||
| CVE-2018-16494 | 1 Versa-networks | 1 Versa Operating System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
|
|||||
| CVE-2018-15591 | 1 Ivanti | 1 Workspace Control | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting restrictions to execute arbitrary code by leveraging multiple unspecified attack vectors.
|
|||||
| CVE-2018-10361 | 1 Kde | 1 Ktexteditor | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts ...
Show More |
|||||
| CVE-2017-18129 | 1 Qualcomm | 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains.
|
|||||
| CVE-2017-18073 | 1 Qualcomm | 18 Mdm9206, Mdm9206 Firmware, Mdm9607 and 15 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, the HLOS can gain access to unauthorized memory.
|
|||||
| CVE-2017-16610 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4751.
|
|||||
| CVE-2017-16606 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp._3d.add_005f3d_005fview_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not pro ...
Show More |
|||||
| CVE-2017-16605 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.db.save_005fattrs_jsp servlet, which listens on TCP port 8081 by default. When parsing the id parameter, the process does not properly validate a user-supplied pat ...
Show More |
|||||
| CVE-2017-16604 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.cnnic.asset.deviceReport.deviceReport_005fexport_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process do ...
Show More |
|||||
| CVE-2017-16603 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.settings.upload_005ffile_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not pr ...
Show More |
|||||
| CVE-2017-16601 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not pr ...
Show More |
|||||
| CVE-2017-16600 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly valid ...
Show More |
|||||
| CVE-2017-16599 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.misc.sample_jsp servlet, which listens on TCP port 8081 by default. When parsing the type parameter, the process does not properly validate a user-s ...
Show More |
|||||
| CVE-2017-16598 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the ip parameter, the process does not proper ...
Show More |
|||||
| CVE-2017-16597 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Adminis ...
Show More |
|||||
| CVE-2017-16593 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.restore.del_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filenames parameter, the process does not properly validate a user-supplie ...
Show More |
|||||
| CVE-2017-15393 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.
|
|||||
| CVE-2017-12576 | 1 Planex | 2 Cs-qr20, Cs-qr20 Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly (/admin/system_command.asp), you can execute any command.
|
|||||
| CVE-2017-0367 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.
|
|||||
| CVE-2016-11010 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.
|
|||||
| CVE-2016-11009 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.
|
|||||
| CVE-2016-11008 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.
|
|||||
| CVE-2016-11007 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.
|
|||||
| CVE-2016-11006 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.
|
|||||
| CVE-2016-10840 | 1 Cpanel | 1 Cpanel | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
|
|||||
| CVE-2015-9550 | 1 Totolink | 16 A850r-v1, A850r-v1 Firmware, F1-v2 and 13 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.
|
|||||
| CVE-2014-2387 | 3 Debian, Opensuse, Pen Project | 3 Debian Linux, Opensuse, Pen | 2024-11-21 | 4.6 MEDIUM | 4.4 MEDIUM |
|
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities
|
|||||
| CVE-2014-0023 | 1 Redhat | 1 Openshift | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
|
|||||
| CVE-2013-4561 | 1 Redhat | 1 Openshift | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
|
|||||
| CVE-2013-4374 | 1 Redhat | 2 Jboss Operations Network, Rhq Mongo Db Drift Server | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.
|
|||||
| CVE-2013-4280 | 1 Redhat | 3 Enterprise Virtualization, Storage, Virtual Desktop Server Manager | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
|
|||||
| CVE-2013-2183 | 1 Monkey-project | 1 Monkey | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
Monkey HTTP Daemon has local security bypass
|
|||||
| CVE-2013-0163 | 1 Redhat | 1 Openshift | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
|
|||||
| CVE-2012-5639 | 3 Apache, Debian, Libreoffice | 3 Openoffice, Debian Linux, Libreoffice | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
LibreOffice and OpenOffice automatically open embedded content
|
|||||
| CVE-2009-5042 | 2 Debian, Python-docutils Project | 2 Debian Linux, Python-docutils | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
python-docutils allows insecure usage of temporary files
|
|||||
| CVE-2008-7291 | 2 Debian, Gri Project | 2 Debian Linux, Gri | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
gri before 2.12.18 generates temporary files in an insecure way.
|
|||||
| CVE-2008-2544 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.
|
|||||
| CVE-2007-3915 | 1 Mandriva | 1 Mondo | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Mondo 2.24 has insecure handling of temporary files.
|
|||||