Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
w. cashdollar vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-7490
The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates files in /tmp insecurely. A malicious local user could create a symlink in /tmp and possibly clobber system files or perhaps elevate privileges.
Teradata Studio Express 15.12.00.00
7.8
CVSSv3
CVE-2015-7556
DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.
Delegate Delegate 9.9.13
1 EDB exploit
NA
CVE-1999-1405
snap command in AIX prior to 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd be...
Ibm Aix 4.2.1
Ibm Aix 3.2.5
Ibm Aix 4.1.4
Ibm Aix 4.2
Ibm Aix 4.1.5
Ibm Aix 4.1.2
Ibm Aix 4.1
Ibm Aix 4.1.3
1 EDB exploit
NA
CVE-2013-1933
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a PDF filename.
Documentcloud Karteek-docsplit 0.5.4
NA
CVE-2013-1948
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in a filename.
Rob Westgeest Md2pdf 0.0.1
NA
CVE-2013-4203
The self.run_gpg function in lib/rgpg/gpg_helper.rb in the rgpg gem prior to 0.2.3 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Richard Cook Rgpg 0.2.0
Richard Cook Rgpg 0.2.1
Richard Cook Rgpg
NA
CVE-2015-4414
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5-album-audio-player) plugin 1.1.0 and previous versions for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Se Html5 Album Audio Player Project Se Html5 Album Audio Player
1 EDB exploit
NA
CVE-2001-0059
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
Sun Sunos 5.7
1 EDB exploit
7.8
CVSSv3
CVE-2016-7488
Teradata Virtual Machine Community Edition v15.10 has insecure file permissions on /etc/luminex/pkgmgr. These could allow a local user to modify its contents and execute commands as root.
Teradata Virtual Machine 15.10
9.8
CVSSv3
CVE-2016-7489
Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.
Teradata Virtual Machine 15.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »