Vulnerabilities > Write-what-where Condition

DATE CVE VULNERABILITY TITLE RISK
2018-10-25 CVE-2018-3971 Write-what-where Condition vulnerability in Sophos Hitmanpro.Alert 3.7.6.744
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744.
local
low complexity
sophos CWE-123
7.8
2018-10-05 CVE-2018-15376 Write-what-where Condition vulnerability in Cisco IOS 15.5(2.21)T/15.6(3)M
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device.
local
low complexity
cisco CWE-123
6.7
2018-10-05 CVE-2018-15375 Write-what-where Condition vulnerability in Cisco IOS 15.5(2.21)T/15.6(3)M
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device.
local
low complexity
cisco CWE-123
6.7
2018-09-12 CVE-2018-16962 Write-what-where Condition vulnerability in Webroot Secureanywhere
Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.
local
low complexity
webroot CWE-123
7.8
2018-06-07 CVE-2018-12036 Write-what-where Condition vulnerability in Owasp Dependency-Check
OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.
local
low complexity
owasp CWE-123
7.8
2018-03-06 CVE-2017-6282 Write-what-where Condition vulnerability in multiple products
NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges.
local
low complexity
nvidia google CWE-123
7.8
2017-07-07 CVE-2017-10994 Write-what-where Condition vulnerability in Foxitsoftware Foxit Reader
Foxit Reader before 8.3.1 and PhantomPDF before 8.3.1 have an Arbitrary Write vulnerability, which allows remote attackers to execute arbitrary code via a crafted document.
local
low complexity
foxitsoftware CWE-123
7.3
2017-04-13 CVE-2015-8271 Write-what-where Condition vulnerability in Rtmpdump Project Rtmpdump 2.4
The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code.
network
low complexity
rtmpdump-project CWE-123
critical
9.8