Linux Distros Unpatched Vulnerability : CVE-2019-11249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to...
Linux Distros Unpatched Vulnerability : CVE-2018-7442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially...
Linux Distros Unpatched Vulnerability : CVE-2009-4490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly...
Linux Distros Unpatched Vulnerability : CVE-2019-16777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritte...
CVE-2025-55746
Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents without changes being applied to the files'...
GHSA-P7Q8-GRRJ-3M8W Copier's safe template has filesystem write access outside destination path
Impact: Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write files outside the destination path...
Copier's safe template has filesystem write access outside destination path
Impact: Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write files outside the destination path...
CVE-2025-55214
Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it...
CLSA-2025-1755271747 dmidecode: Fix of CVE-2023-30630
CVE-2023-30630: prevent --dump-bin from overwriting local files to address privilege escalation vulnerability...
CVE-2025-55345
Using Codex CLI in workspace-write mode inside a malicious context repo, directory, etc could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory...
CVE-2025-55345
CVE-2025-55345 concerns OpenAI Codex CLI when used in a restricted workspace-write sandbox. The issue arises because symlinks are followed outside the allowed current working directory in a malicious context (repo/directory), enabling arbitrary file overwrite and potentially remote code execution...
CVE-2025-55345 Unsafe symlink following in restricted workspace-write sandbox leads to RCE
Using Codex CLI in workspace-write mode inside a malicious context repo, directory, etc could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory...
PT-2025-32971 · Codex Cli · Codex Cli
Name of the Vulnerable Software and Affected Versions: Codex CLI (affected versions not specified). Description: Using Codex CLI in workspace-write mode within a malicious context repository, directory, etc. may lead to arbitrary file overwrite and potentially remote code execution. This occurs...
GHSA-C9RC-MG46-23W3 Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality
Summary: It is possible to bypass the mitigation introduced in response to CVE-2025-1550, when an untrusted Keras v3 model is loaded, even when “safemode” is enabled, by crafting malicious arguments to built-in Keras modules. The vulnerability is exploitable on the default configuration and does n...
CVE-2024-52964
Fortinet FortiManager and FortiManager Cloud are affected by a Path Traversal (CWE-22) vulnerability (CVE-2024-52964). An authenticated remote attacker can overwrite arbitrary files via FGFM crafted requests. Affected versions include FortiManager 7.6.0–7.6.1, 7.4.0–7.4.5, 7.2.0–7.2.9, and all re...
PT-2025-32873 · Fortinet · Fortimanager Cloud +1
Name of the Vulnerable Software and Affected Versions: Fortinet FortiManager versions 7.6.0 through 7.6.1; Fortinet FortiManager versions 7.4.0 through 7.4.5; Fortinet FortiManager versions 7.2.0 through 7.2.9; Fortinet FortiManager versions prior to 7.0.13; Fortinet FortiManager Cloud versions 7.6.0...
PT-2025-66: Arbitrary file write in Booco
The vulnerability was identified in Booco, version Server v2.38.3. The discovered vulnerability allows an attacker to supply a relative path in a parameter, which results in a new file being created or an existing file being overwritten in any directory of the file system. Vulnerability status:...
Fortinet FortiManager Arbitrary file overwrite in FGFMd (FG-IR-24-473)
The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-473 advisory. - An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability CWE-22 in Fortinet...