Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Perl vulnerability (USN-7678-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7678-1 advisory. It was discovered that Perl threads incorrectly handled certain file operations. A local attacker could possibly use this issue to load code o...

RLSA-2025:11805 Moderate: perl security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 For more details about the security...

USN-7678-1 perl vulnerability

It was discovered that Perl threads incorrectly handled certain file operations. A local attacker could possibly use this issue to load code or access files from unexpected locations...

USN-7678-1: Perl vulnerability

It was discovered that Perl threads incorrectly handled certain file operations. A local attacker could possibly use this issue to load code or access files from unexpected locations...

Perl threads have a working directory race condition where file operations may target unintended paths

...

Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloadChangedFiles function. The issue results from the lack of proper...

RHEL 9 : perl (RHSA-2025:11804)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11804 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl...

Moderate: perl security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 For more details about the security...

RHEL 8 : perl (RHSA-2025:11805)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11805 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl...

RHEL 9 : perl (RHSA-2025:11545)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11545 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl...

Bluebird 安全漏洞

Bluebird is an application from Bluebird South Korea that is used to lock a device into a dedicated mode, restricting a user's access to only specified features or applications. A security vulnerability exists in Bluebird version 1.4.4, which stems from the File Manager application exposing an...

FileBrowser 安全漏洞

FileBrowser is an open source web file browser . Provides a file management interface in a specified directory , can be used to upload , delete , preview , rename and edit your files . FileBrowser has a denial of service vulnerability , the vulnerability stems from a flaw in the file handling log...

SAP BusinessObjects Business Intelligence Platform Insecure File Operations Vulnerability (3565279)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote host is prior to 2025 SP000 000000, 4.3 SP004 001300, or 4.3 SP005 000000. It is, therefore, affected by a vulnerability as referenced in the 3565279 advisory. The file upload logic in Apache Struts is flawe...

CVE-2025-6799

Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. T...

CVE-2025-6797

Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. T...

Siemens SINEC NMS uploadFWBinary Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementation of the...

CVE-2025-6794

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2025-6799 Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability

Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. T...

EUVD-2025-20257

Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. T...

EUVD-2025-20261

Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this...