Total
622 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10361 | 1 Kde | 1 Ktexteditor | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation. | |||||
| CVE-2017-18129 | 1 Qualcomm | 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains. | |||||
| CVE-2017-18073 | 1 Qualcomm | 18 Mdm9206, Mdm9206 Firmware, Mdm9607 and 15 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, the HLOS can gain access to unauthorized memory. | |||||
| CVE-2017-16610 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4751. | |||||
| CVE-2017-16606 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp._3d.add_005f3d_005fview_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5197. | |||||
| CVE-2017-16605 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.db.save_005fattrs_jsp servlet, which listens on TCP port 8081 by default. When parsing the id parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5196. | |||||
| CVE-2017-16604 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.cnnic.asset.deviceReport.deviceReport_005fexport_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5195. | |||||
| CVE-2017-16603 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.settings.upload_005ffile_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate user-supplied data, which can allow for the upload of files. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5194. | |||||
| CVE-2017-16601 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.service.service_005ffailures_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5192. | |||||
| CVE-2017-16600 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5191. | |||||
| CVE-2017-16599 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.reports.templates.misc.sample_jsp servlet, which listens on TCP port 8081 by default. When parsing the type parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of Administrator. Was ZDI-CAN-5190. | |||||
| CVE-2017-16598 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the ip parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5138. | |||||
| CVE-2017-16597 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5137. | |||||
| CVE-2017-16593 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.restore.del_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filenames parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete any files accessible to the Administrator user. Was ZDI-CAN-5104. | |||||
| CVE-2017-15393 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak. | |||||
| CVE-2017-12576 | 1 Planex | 2 Cs-qr20, Cs-qr20 Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management page was used for debugging purposes, once you login and access the page directly (/admin/system_command.asp), you can execute any command. | |||||
| CVE-2017-0367 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure. | |||||
| CVE-2016-11010 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates. | |||||
| CVE-2016-11009 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates. | |||||
| CVE-2016-11008 | 1 Usabilitydynamics | 1 Wp-invoice | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates. | |||||