1649 matches found

OSV
added 2025/12/09 5:18 p.m. | 3 views

GHSA-GQFV-G4V7-M366 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

Summary: Function importZipMd is vulnerable to ZipSlip which allows an authenticated user to overwrite files on the system. Details: An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, the vulnerable function is importZipMd, this can...

CVSS 7.8 | AI score 8.2 | EPSS 0.00368
Exploits: 1 | References: 4
EUVD
added 2025/12/09 5:18 p.m. | 4 views

EUVD-2025-202175

SiYuan: ZipSlip - Arbitrary File Overwrite - RCE...

CVSS 7.8 | AI score 6.4 | EPSS 0.00368
Exploits: 1 | References: 4
GitHub Security Blog
added 2025/12/09 5:18 p.m. | 6 views

SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

Summary: Function importZipMd is vulnerable to ZipSlip which allows an authenticated user to overwrite files on the system. Details: An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, the vulnerable function is importZipMd, this can...

CVSS 8.8 | AI score 8.3 | EPSS 0.00368
Exploits: 1 | References: 4 | Affected Software: 1
RedhatCVE
added 2025/11/27 12:58 a.m. | 10 views

CVE-2025-66262

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive...

CVSS 9.8 | AI score 7.4 | EPSS 0.01246
Exploits: 1 | References: 1
CNNVD
added 2025/11/26 12:0 a.m. | 4 views

DB Electronica Mozart FM Transmitter Security Vulnerability

The DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from the Italian company DB Electronica. A security vulnerability exists in DB Electronica Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 that originates fr...

CVSS 9.8 | AI score 6.7 | EPSS 0.01246
Exploits: 1 | References: 2
OpenVAS
added 2025/11/12 12:0 a.m. | 2 views

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2376)

The remote host is missing an update for the Huawei EulerOS...

CVSS 4.1 | AI score 7.1 | EPSS 0.00731
Exploits: 2 | References: 2
Tenable Nessus
added 2025/11/12 12:0 a.m. | 6 views

EulerOS 2.0 SP12 : vim (EulerOS-SA-2025-2376)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of...

CVSS 4.1 | AI score 7.2 | EPSS 0.00731
Exploits: 2 | References: 3
AstraLinux
added 2025/11/01 10:54 a.m. | 3 views

Astra Linux – Vulnerability in Vim

Vim is an open-source, command-line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin could allow overwriting of arbitrary files when opening specially crafted zip archives. The impact is limited because this exploit requires direct user interaction. However,...

CVSS 4.1 | AI score 6.6 | EPSS 0.00731
Exploits: 1 | References: 3
SUSE CVE
added 2025/10/29 12:23 a.m. | 1 views

SUSE CVE-2025-62725

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker-supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

CVSS 8.3 | AI score 8.8 | EPSS 0.13848
Exploits: 0 | References: 7
OSV
added 2025/10/27 9:15 p.m. | 6 views

UBUNTU-CVE-2025-62725

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

CVSS 8.9 | AI score 5.9 | EPSS 0.13848
Exploits: 0 | References: 4
OSV
added 2025/10/27 8:19 p.m. | 5 views

GHSA-GV8H-7V7W-R22Q Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

CVSS 8.9 | AI score 6.8 | EPSS 0.13848
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2000-0922

Malware in sbrugna...

CVSS 7.2 | AI score 6.4 | EPSS 0.01287
Exploits: 1 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2007-0170

Malware in sbrugna...

CVSS 6.6 | AI score 6.2 | EPSS 0.00391
Exploits: 1 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2019-0483

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.02106
Exploits: 1 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 9 views

EUVD-2020-20866

Malware in sbrugna...

CVSS 7.1 | AI score 7 | EPSS 0.00279
Exploits: 0 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2001-1428

Malware in sbrugna...

CVSS 4.6 | AI score 6.4 | EPSS 0.00548
Exploits: 1 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2008-4920

Malware in sbrugna...

CVSS 6.9 | AI score 6.3 | EPSS 0.0039
Exploits: 1 | References: 8
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2007-4823

Malware in sbrugna...

CVSS 9.3 | AI score 6.4 | EPSS 0.02687
Exploits: 0 | References: 9
EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2013-0291

Malware in sbrugna...

CVSS 4.4 | AI score 6.4 | EPSS 0.00346
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2001-0470

Malware in sbrugna...

CVSS 2.1 | AI score 6.4 | EPSS 0.00339
Exploits: 0 | References: 3