38 matches found
CVE-2025-12905 vulnerabilities
Vulnerabilities for packages: chromium...
Atlassian Confluence 7.19.0 < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101478)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101478 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. Thi...
File Inclusion tar-fs Dependency in Confluence Data Center and Server
This High severity File Inclusion vulnerability known as CVE-2024-12905 was introduced in 7.19 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows an unauthenticated attacker to expose assets in...
CVE-2025-12905
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. Chromium security severity: Low...
CVE-2025-12905
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2024-12905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. This vulnerability...
Debian: Security Advisory (DLA-4214-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4214-1] node-tar-fs security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4214-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 11, 2025 https://wiki.debian.org/LTS -...
Fedora: Security Advisory (FEDORA-2025-e73ea121f5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-8eb387668b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
📄 tar-fs 3.0.0 Arbitrary File Write
tar-fs version 3.0.0 suffers from an arbitrary file write vulnerability. Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE:...
tar-fs 3.0.0 - Arbitrary File Write/Overwrite
Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE: CVE-2024-12905 Run the command: Example: python3 exploit.py authorizedkeys...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-12905)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12905 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a...
CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18
CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18. A patched version of the package is available...
Fedora: Security Advisory (FEDORA-2025-f7671643c4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : yarnpkg (2025-f7671643c4)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7671643c4 advisory. Fix CVE-2024-12905. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...
Fedora 41 : yarnpkg (2025-8eb387668b)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-8eb387668b advisory. Fix CVE-2024-12905. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...
CVE-2024-12905 vulnerabilities
Vulnerabilities for packages: code-server, sqlpad, tileserver-gl...
@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +388 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)
tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...
0wcc9yywcywy (=1.0.0), 0wu8yw8by8cw (=1.0.0) +2805 more potentially affected by CVE-2024-12905 via tar-fs (>=3.0.2 <=3.0.6)
tar-fs NPM version =3.0.2, =0.0.1, =2.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3XJX...