
5249 matches found

EUVD
added 2025/11/19 8:30 p.m., 4 views

EUVD-2025-198181

esm.sh CDN service has arbitrary file write via tarslip...

CVSS 8.2, AI score 6.6, EPSS 0.00499
Exploits 1, References 4
OSV
added 2025/11/19 8:15 p.m., 6 views

CVE-2025-51661

A path traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when the application is configured to use local filesystem storage. The SystemFileStorage.savefile method in core/storage.py uses filenames from user input without validation to construct the savepath and save...

CVSS 7.5, AI score 6.8
Exploits 0, References 2
CVE
added 2025/11/19 5:32 p.m., 19 views

CVE-2025-65025

esm.sh CDN before v136 is vulnerable to path traversal during NPM tarball extraction. An attacker can craft a malicious package with file paths like package/../../tmp/evil.js, causing arbitrary files to be written outside the extraction directory when the tarball is unpacked. Multiple connected s...

CVSS 9.8, AI score 6.6, EPSS 0.00499
Exploits 1, References 2, Affected Software 1
Vulnrichment
added 2025/11/19 5:32 p.m., 4 views

CVE-2025-65025 esm.sh CDN service has arbitrary file write via tarslip

esm.sh is a no-build content delivery network (CDN) for modern web development. Prior to version 136, the esm.sh CDN service is vulnerable to path traversal during NPM package tarball extraction. An attacker can craft a malicious NPM package containing specially crafted file paths, e.g.,...

CVSS 8.2, AI score 6.6, EPSS 0.00499
Exploits 1, References 2
NVD
added 2025/11/19 5:15 p.m., 8 views

CVE-2025-34328

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...

CVSS 9.8, EPSS 0.00621
Exploits 2, References 4
OSV
added 2025/11/19 5:15 p.m., 4 views

CVE-2025-34328

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...

CVSS 9.8, AI score 6, EPSS 0.00621
Exploits 2, References 4
Cvelist
added 2025/11/19 4:22 p.m., 9 views

CVE-2025-34328 AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Upload RCE via ajaxScript.php

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...

CVSS 9.3, EPSS 0.00621
Exploits 2, References 4
Positive Technologies
added 2025/11/19 12:00 a.m., 6 views

PT-2025-47477

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodes files/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-suppli...

CVSS 9.3, AI score 7.1, EPSS 0.00621
Exploits 2, References 5
CNNVD
added 2025/11/19 12:00 a.m., 11 views

AudioCodes Fax Server Security Vulnerability

AudioCodes Fax Server is a fax server from AudioCodes Israel. A security vulnerability exists in AudioCodes Fax Server version 2.6.23 and earlier, which originates from an unauthenticated script management endpoint and could lead to arbitrary file writing and execution...

CVSS 9.8, AI score 6.8, EPSS 0.00621
Exploits 2, References 5
Positive Technologies
added 2025/11/19 12:00 a.m., 4 views

PT-2025-47503

Name of the Vulnerable Software and Affected Versions: esm.sh versions prior to 136. Description: The esm.sh CDN service is susceptible to a path traversal issue during the extraction of NPM package tarballs. An attacker can create a malicious NPM package with crafted file paths, such as...

CVSS 8.2, AI score 6.7, EPSS 0.00499
Exploits 1, References 11
CVE
added 2025/11/18 10:10 p.m., 108 views

CVE-2025-64324

KubeVirt’s hostDisk DiskOrCreate logic bug allows an attacker to read and write arbitrary files owned by more privileged users on the host, prior to fixes in 1.6.1 and 1.7.0. A patched version is available (e.g., 1.6.1/1.7.0); SUSE notes 1.6.3 as containing the fix.

CVSS 8.5, AI score 6.4, EPSS 0.00207
Exploits 1, References 4, Affected Software 1
Cvelist
added 2025/11/18 10:10 p.m., 9 views

CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write

KubeVirt is a virtual machine management add-on for Kubernetes. The hostDisk feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the DiskOrCreate...

CVSS 8.5, EPSS 0.00207
Exploits 1, References 4
RedhatCVE
added 2025/11/14 10:52 p.m., 7 views

CVE-2025-36236

The IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 NIM server (formerly known as NIM master) service, nimesis, could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

CVSS 9.1, AI score 6.9, EPSS 0.00428
Exploits 0, References 1
OSV
added 2025/11/14 2:45 p.m., 33 views

HSEC-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input

Arbitrary file write is possible when using PDF output or --extract-media with untrusted input. Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafted image element in the input when generating files using the --extract-media option ...

CVSS 6.1, AI score 5.7, EPSS 0.00349
Exploits 1, References 1
Mageia
added 2025/11/13 11:37 p.m., 7 views

Updated python-setuptools packages fix security vulnerability

Setuptools has a path traversal vulnerability in PackageIndex.download that leads to arbitrary file write. CVE-2025-47273...

CVSS 8.8, AI score 7, EPSS 0.01479
Exploits 4, References 2
OSV
added 2025/11/13 10:15 p.m., 4 views

CVE-2025-36236

The IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 NIM server (formerly known as NIM master) service, nimesis, could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

CVSS 9.1, AI score 5.9, EPSS 0.00428
Exploits 0, References 1
Cvelist
added 2025/11/13 10:1 p.m., 8 views

CVE-2025-36236 AIX Path Traversal

The IBM AIX 7.2 and 7.3 and IBM VIOS 3.1 and 4.1 NIM server (formerly known as NIM master) service, nimesis, could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...

CVSS 8.2, EPSS 0.00428
Exploits 0, References 1
OSV
added 2025/11/13 9:15 p.m., 6 views

CVE-2025-47221

An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. The properties ARCHIVETODISKFILENAME-PATTERN, ARCHIVETODISKPATHBASE, ARCHIVETODISKPATHPATTERN can be set to any path, even ones that will point to files that already exist. This vulnerability gives a user with admi...

CVSS 5.3, AI score 5.8, EPSS 0.00217
Exploits 0, References 3
SUSE CVE
added 2025/11/13 12:23 a.m., 4 views

SUSE CVE-2025-64486

calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames when handling binary assets in FB2 files, allowing an attacker to write arbitrary files on the filesystem when viewing or converting a malicious FictionBook file. This can be leveraged to achieve...

CVSS 9.3, AI score 7.8, EPSS 0.00159
Exploits 0, References 3
Positive Technologies
added 2025/11/13 12:00 a.m., 11 views

PT-2025-46922

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 and 7.3; IBM VIOS versions 3.1 and 4.1. Description: The NIM server service (formerly known as NIM master), nimesis, may allow a remote attacker to traverse directories on the system. An attacker could send a specially crafte...

CVSS 9.1, AI score 6.5, EPSS 0.00428
Exploits 0, References 11