1630 matches found

RedHat Linux
added 2025/07/08 12:27 a.m., 4 views

Moderate: Red Hat Security Advisory: socat security update

An update for socat is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 9.8, AI score 6.8, EPSS 0.00169
Exploits: 0, References: 2
Tenable Nessus
added 2025/07/08 12:0 a.m., 2 views

RHEL 9 : socat (RHSA-2025:10646)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10646 advisory. The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of...

CVSS 9.8, AI score 7.2, EPSS 0.00169
Exploits: 0, References: 5
Tenable Nessus
added 2025/07/08 12:0 a.m., 3 views

RHEL 9 : socat (RHSA-2025:10544)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10544 advisory. The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of...

CVSS 9.8, AI score 7.2, EPSS 0.00169
Exploits: 0, References: 5
RedHat Linux
added 2025/07/07 2:52 a.m., 4 views

Moderate: Red Hat Security Advisory: socat security update

An update for socat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 9.8, AI score 6.8, EPSS 0.00169
Exploits: 0, References: 2
RedHat Linux
added 2025/07/07 2:52 a.m., 5 views

socat: arbitrary file overwrite via predictable /tmp directory

A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...

CVSS 9.8, AI score 6.8, EPSS 0.00169
Exploits: 0, References: 6
Tenable Nessus
added 2025/07/07 12:0 a.m., 2 views

RHEL 9 : socat (RHSA-2025:10353)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10353 advisory. The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of...

CVSS 9.8, AI score 7.2, EPSS 0.00169
Exploits: 0, References: 5
OSV
added 2025/07/07 12:0 a.m., 3 views

ALSA-2025:10353 Moderate: socat security update

The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of channels, such as files, pipes, devices, and sockets. Security Fixes: socat: arbitrary file overwrite via predictable /tmp directory CVE-2024-54661 F...

CVSS 9.8, AI score 6.4, EPSS 0.00169
Exploits: 0, References: 4
AlmaLinux
added 2025/07/07 12:0 a.m., 2 views

Moderate: socat security update

The socat utility establishes bi-directional byte streams and transfers data between them. The utility can establish streams between a large set of channels, such as files, pipes, devices, and sockets. Security Fixes: socat: arbitrary file overwrite via predictable /tmp directory CVE-2024-54661 F...

CVSS 9.8, AI score 7.3, EPSS 0.00169
Exploits: 0, References: 4
Snyk
added 2025/07/03 2:18 p.m., 2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the fileUploadHandler function in the rest.go file. An attacker can overwrite arbitrary files owned by the application user by uploading files with crafted path names, potentially modifying application behavior o...

CVSS 8.5, AI score 7.7
Exploits: 0, References: 3
ArchLinux
added 2025/06/19 12:0 a.m., 16 views

[ASA-202506-8] erlang: arbitrary file overwrite

Arch Linux Security Advisory ASA-202506-8
=========================================

Severity: Medium
Date    : 2025-06-19
CVE-ID  : CVE-2025-4748
Package : erlang
Type    : arbitrary file overwrite
Remote  : No
Link    : https://security.archlinux.org/AVG-2900

Summary
=======

The package erlang before versi...

CVSS 4.8, AI score 6.2, EPSS 0.00305
Exploits: 0, References: 5
RedhatCVE
added 2025/06/16 10:23 p.m., 4 views

CVE-2025-32799

The Conda-build contains commands and tools to build Conda packages. Prior to version 25.4.0, the conda-build processing logic is vulnerable to path traversal Tarslip attacks due to improper sanitization of tar entry paths. This flaw allows attackers to craft tar archives containing entries with...

CVSS 9.8, AI score 7.2, EPSS 0.02175
Exploits: 1, References: 2
Vulnrichment
added 2025/06/13 8:18 a.m., 3 views

CVE-2025-36506

External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a specially crafted request, arbitrary files in the file system can be overwritten with log data...

CVSS 6.9, AI score 7.2, EPSS 0.00284
Exploits: 0, References: 2
CNNVD
added 2025/06/13 12:0 a.m., 2 views

RICOH Streamline NX V3 PC Client security vulnerability

RICOH Streamline NX V3 PC Client is a complete solution for large-scale, integrated management of devices from Ricoh (Japan). A security vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 through 3.242.0, which originates from external control of a file name or path, and cou...

CVSS 6.9, AI score 6.8, EPSS 0.00284
Exploits: 0, References: 3
OSV
added 2025/05/28 5:15 p.m., 2 views

DEBIAN-CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

CVSS 6.1, AI score 5.5, EPSS 0.00042
Exploits: 0, References: 1
Debian CVE
added 2025/05/28 5:8 p.m., 4 views

CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

CVSS 6.1, AI score 5.4, EPSS 0.00042
Exploits: 0
CNNVD
added 2025/05/28 12:0 a.m., 2 views

ISC Kea security vulnerability

ISC Kea is a modern open source DHCPv4 and DHCPv6 server from the ISC organization. A security vulnerability exists in ISC Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8, which stems from configuration and API directives that can overwrite arbitrary files,...

CVSS 6.1, AI score 6.6, EPSS 0.00042
Exploits: 0, References: 3
OSV
added 2025/05/28 12:0 a.m., 0 views

UBUNTU-CVE-2025-32802

Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions...

CVSS 6.1, AI score 5.9, EPSS 0.00042
Exploits: 0, References: 4
RedhatCVE
added 2025/05/23 12:0 p.m., 3 views

CVE-2025-24891

Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...

CVSS 9.6, AI score 7.2, EPSS 0.00125
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 7:56 a.m., 13 views

CVE-2024-28072

A highly privileged account can overwrite arbitrary files on the system with log output. The log file path tags were not sanitized properly...

CVSS 5.7, AI score 7.1, EPSS 0.00203
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 7:32 a.m., 5 views

CVE-2024-25975

The application implements an up- and downvote function which alters a value within a JSON file. The POST parameters are not filtered properly and therefore an arbitrary file can be overwritten. The file can be controlled by an authenticated attacker, the content cannot be controlled. It is...

CVSS 6.5, AI score 6.8, EPSS 0.00149
Exploits: 1, References: 1