23 matches found

Tenable Nessus
added 2026/01/13 12:0 a.m. | 6 views

Atlassian Confluence 7.19.0 < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101478)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-101478 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. Thi...

7.5 CVSS | 6.4 AI score | 0.02186 EPSS
Exploits: 2 | References: 2

Atlassian
added 2025/11/13 11:27 a.m. | 13 views

File Inclusion tar-fs Dependency in Confluence Data Center and Server

This High severity File Inclusion vulnerability known as CVE-2024-12905 was introduced in 7.19 of Confluence Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows an unauthenticated attacker to expose assets in...

7.5 CVSS | 6.9 AI score | 0.02186 EPSS
Exploits: 2

Tenable Nessus
added 2025/08/09 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-12905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a Restricted Directory Path Traversal. This vulnerability...

7.5 CVSS | 6.7 AI score | 0.02186 EPSS
Exploits: 2 | References: 2

OpenVAS
added 2025/06/12 12:0 a.m. | 4 views

Debian: Security Advisory (DLA-4214-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7 CVSS | 7.5 AI score | 0.02186 EPSS
Exploits: 2 | References: 2

Debian
added 2025/06/11 8:57 p.m. | 6 views

[SECURITY] [DLA 4214-1] node-tar-fs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4214-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk June 11, 2025 https://wiki.debian.org/LTS -...

8.7 CVSS | 7.1 AI score | 0.02186 EPSS
Exploits: 2

OpenVAS
added 2025/05/26 12:0 a.m. | 4 views

Fedora: Security Advisory (FEDORA-2025-e73ea121f5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.7 AI score | 0.02186 EPSS
Exploits: 2 | References: 5

OpenVAS
added 2025/05/26 12:0 a.m. | 5 views

Fedora: Security Advisory (FEDORA-2025-8eb387668b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.7 AI score | 0.02186 EPSS
Exploits: 2 | References: 5

Packet Storm
added 2025/04/22 12:0 a.m. | 259 views

📄 tar-fs 3.0.0 Arbitrary File Write

tar-fs version 3.0.0 suffers from an arbitrary file write vulnerability. Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE:...

7.5 CVSS | 7.8 AI score | 0.02186 EPSS
Exploits: 2

Exploit DB
added 2025/04/22 12:0 a.m. | 242 views

tar-fs 3.0.0 - Arbitrary File Write/Overwrite

Exploit Title: tar-fs 3.0.0 - Arbitrary File Write/Overwrite Date: 17th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mafintosh/tar-fs Version: tar-fs 3.0.0 Tested on: Ubuntu CVE: CVE-2024-12905 Run the command: Example: python3 exploit.py authorizedkeys...

7.5 CVSS | 7.4 AI score | 0.02186 EPSS
Exploits: 2

Tenable Nessus
added 2025/04/13 12:0 a.m. | 8 views

CBL Mariner 2.0 Security Update: reaper (CVE-2024-12905)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12905 advisory. - An Improper Link Resolution Before File Access Link Following and Improper Limitation of a Pathname to a...

7.5 CVSS | 6.4 AI score | 0.02186 EPSS
Exploits: 2 | References: 2

CBLMariner
added 2025/04/11 6:10 p.m. | 11 views

CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18

CVE-2024-12905 affecting package reaper for versions less than 3.1.1-18. A patched version of the package is available...

7.5 CVSS | 6.9 AI score | 0.02186 EPSS
Exploits: 2

OpenVAS
added 2025/04/07 12:0 a.m. | 9 views

Fedora: Security Advisory (FEDORA-2025-f7671643c4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.5 AI score | 0.02186 EPSS
Exploits: 2 | References: 5

Tenable Nessus
added 2025/04/06 12:0 a.m. | 15 views

Fedora 40 : yarnpkg (2025-f7671643c4)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7671643c4 advisory. Fix CVE-2024-12905. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

7.5 CVSS | 6.5 AI score | 0.02186 EPSS
Exploits: 2 | References: 2

Tenable Nessus
added 2025/04/06 12:0 a.m. | 9 views

Fedora 41 : yarnpkg (2025-8eb387668b)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-8eb387668b advisory. Fix CVE-2024-12905. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

7.5 CVSS | 6.5 AI score | 0.02186 EPSS
Exploits: 2 | References: 2

Wolfi
added 2025/04/01 10:43 p.m. | 20 views

CVE-2024-12905 vulnerabilities

Vulnerabilities for packages: sqlpad, code-server, tileserver-gl...

7.5 CVSS | 6.7 AI score | 0.02186 EPSS
Exploits: 2

vulnersOsv
added 2025/03/27 6:31 p.m. | 7 views

@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +388 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)

tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...

7.5 CVSS | 6.6 AI score | 0.02186 EPSS
Exploits: 2

Circl
added 2025/03/27 6:31 p.m. | 6 views

CVE-2024-12905

creationtimestamp | type | source
---|---|---
2025-03-27 18:31:28+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-pq67-2wwv-3xjx
2025-03-27 19:09:52+00:00 | seen | https://t.me/cvedetector/21321
2025-04-20 16:01:34+00:00 | published-proof-of-concept | ...

7.5 CVSS | 6 AI score | 0.02186 EPSS
Exploits: 2 | References: 6

OSV
added 2025/03/27 5:15 p.m. | 8 views

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

7.5 CVSS | 6.8 AI score
Exploits: 0 | References: 3

UbuntuCve
added 2025/03/27 5:15 p.m. | 7 views

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

7.5 CVSS | 6.8 AI score | 0.02186 EPSS
Exploits: 2 | References: 3

Vulnrichment
added 2025/03/27 4:25 p.m. | 8 views

CVE-2024-12905

An Improper Link Resolution Before File Access "Link Following" and Improper Limitation of a Pathname to a Restricted Directory "Path Traversal". This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intend...

7.5 CVSS | 7.2 AI score | 0.02186 EPSS
Exploits: 2 | References: 2