
38 matches found

Chainguard
added 2 days ago, 3 views

CVE-2025-12905 vulnerabilities

Vulnerabilities for packages: chromium...

CVSS 5.4 | AI score 6 | EPSS 0.00141
Exploits: 0

Tenable Nessus
added 2026/01/13 12:0 a.m., 6 views

Atlassian Confluence 7.19.0 < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101478)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101478 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. Thi...

CVSS 7.5 | AI score 6.4 | EPSS 0.02186
Exploits: 2 | References: 2

Atlassian
added 2025/11/13 11:27 a.m., 13 views

File Inclusion tar-fs Dependency in Confluence Data Center and Server

This High severity File Inclusion vulnerability known as CVE-2024-12905 was introduced in 7.19 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows an unauthenticated attacker to expose assets in...

CVSS 7.5 | AI score 6.9 | EPSS 0.02186
Exploits: 2

UbuntuCve
added 2025/11/08 12:15 a.m., 3 views

CVE-2025-12905

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4 | AI score 5.9 | EPSS 0.00141
Exploits: 0 | References: 3

Debian CVE
added 2025/11/07 11:23 p.m., 7 views

CVE-2025-12905

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4 | AI score 5.4 | EPSS 0.00141
Exploits: 0

Tenable Nessus
added 2025/08/09 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-12905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. This vulnerability...

CVSS 7.5 | AI score 6.7 | EPSS 0.02186
Exploits: 2 | References: 2

OpenVAS
added 2025/06/12 12:0 a.m., 4 views

Debian: Security Advisory (DLA-4214-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7 | AI score 7.5 | EPSS 0.02186
Exploits: 2 | References: 2

Debian
added 2025/06/11 8:57 p.m., 6 views

[SECURITY] [DLA 4214-1] node-tar-fs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4214-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 11, 2025 https://wiki.debian.org/LTS -...

CVSS 8.7 | AI score 7.1 | EPSS 0.02186
Exploits: 2

OpenVAS
added 2025/05/26 12:0 a.m., 4 views

Fedora: Security Advisory (FEDORA-2025-e73ea121f5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.7 | EPSS 0.02186
Exploits: 2 | References: 5

OpenVAS
added 2025/05/26 12:0 a.m., 5 views

Fedora: Security Advisory (FEDORA-2025-8eb387668b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.7 | EPSS 0.02186
Exploits: 2 | References: 5

Packet Storm
added 2025/04/22 12:0 a.m., 258 views

📄 tar-fs 3.0.0 Arbitrary File Write

tar-fs version 3.0.0 suffers from an arbitrary file write vulnerability. Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE:...

CVSS 7.5 | AI score 7.8 | EPSS 0.02186
Exploits: 2

Exploit DB
added 2025/04/22 12:0 a.m., 241 views

tar-fs 3.0.0 - Arbitrary File Write/Overwrite

Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE: CVE-2024-12905 Run the command: Example: python3 exploit.py authorizedkeys...

CVSS 7.5 | AI score 7.4 | EPSS 0.02186
Exploits: 2

Tenable Nessus
added 2025/04/13 12:0 a.m., 8 views

CBL Mariner 2.0 Security Update: reaper (CVE-2024-12905)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12905 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a...

CVSS 7.5 | AI score 6.4 | EPSS 0.02186
Exploits: 2 | References: 2

CBLMariner
added 2025/04/11 6:10 p.m., 11 views

CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18

CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18. A patched version of the package is available...

CVSS 7.5 | AI score 6.9 | EPSS 0.02186
Exploits: 2

OpenVAS
added 2025/04/07 12:0 a.m., 9 views

Fedora: Security Advisory (FEDORA-2025-f7671643c4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.5 | EPSS 0.02186
Exploits: 2 | References: 5

Tenable Nessus
added 2025/04/06 12:0 a.m., 14 views

Fedora 40 : yarnpkg (2025-f7671643c4)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7671643c4 advisory. Fix CVE-2024-12905. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

CVSS 7.5 | AI score 6.5 | EPSS 0.02186
Exploits: 2 | References: 2

Tenable Nessus
added 2025/04/06 12:0 a.m., 8 views

Fedora 41 : yarnpkg (2025-8eb387668b)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-8eb387668b advisory. Fix CVE-2024-12905. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

CVSS 7.5 | AI score 6.5 | EPSS 0.02186
Exploits: 2 | References: 2

Wolfi
added 2025/04/01 10:43 p.m., 19 views

CVE-2024-12905 vulnerabilities

Vulnerabilities for packages: code-server, sqlpad, tileserver-gl...

CVSS 7.5 | AI score 6.7 | EPSS 0.02186
Exploits: 2

vulnersOsv
added 2025/03/27 6:31 p.m., 7 views

@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +388 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)

tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...

CVSS 7.5 | AI score 6.6 | EPSS 0.02186
Exploits: 2

vulnersOsv
added 2025/03/27 6:31 p.m., 5 views

0wcc9yywcywy (=1.0.0), 0wu8yw8by8cw (=1.0.0) +2805 more potentially affected by CVE-2024-12905 via tar-fs (>=3.0.2 <=3.0.6)

tar-fs NPM version =3.0.2, =0.0.1, =2.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3XJX...

CVSS 7.5 | AI score 6.6 | EPSS 0.02186
Exploits: 2