CVE-2025-25041

A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM root. A successful exploit could allow the creation of a Denial-of-Service DoS condition affecting the Microsoft Windows Operating System...

CVE-2025-30441

This issue was addressed through improved state management. This issue is fixed in Xcode 16.3. An app may be able to overwrite arbitrary files...

Apple Xcode Security Update (HT122380)

Apple Xcode is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:xcode"; ifdescription...

CVE-2025-25041

A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM root. A successful exploit could allow the creation of a Denial-of-Service DoS condition affecting the Microsoft Windows Operating System...

CVE-2025-25041

CVE-2025-25041 affects the HPE Aruba Networking VIA Client on Windows, allowing malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM and potentially cause a DoS on Windows; Linux/Android are not affected. Connected sources note a related advisory (hpesbnw04841) and that the VIA cli...

CVE-2025-25041 Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client

A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM root. A successful exploit could allow the creation of a Denial-of-Service DoS condition affecting the Microsoft Windows Operating System...

CVE-2025-25041 Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client

A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM root. A successful exploit could allow the creation of a Denial-of-Service DoS condition affecting the Microsoft Windows Operating System...

hornetq-core-client: Arbitrarily overwrite files or access sensitive information

A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information...

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2025-923)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-923 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence...

Medium: python-pip

Issue Overview: Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. CVE-2007-4559...

PT-2025-14368 · Hewlett Packard · Hpe Aruba Networking Virtual Intranet Access (Via) Client

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking Virtual Intranet Access VIA client affected versions not specified Description: A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT...

Amazon Linux 2 : python-pip (ALAS-2025-2814)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2814 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence i...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2025-924)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-924 advisory. Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. dot dot sequence...

CVE-2025-30441

This issue was addressed through improved state management. This issue is fixed in Xcode 16.3. An app may be able to overwrite arbitrary files...

CVE-2025-30441

CVE-2025-30441 affects Apple Xcode and is tied to an out-of-bounds write that could allow an app to overwrite arbitrary files. The issue is described as being addressed through improved state management and fixed in Xcode 16.3. Connected sources corroborate the vulnerability in the Xcode IDE and ...

About the security content of Xcode 16.3

About the security content of Xcode 16.3 This document describes the security content of Xcode 16.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Apple Xcode 缓冲区错误漏洞

Apple Xcode is an integrated development environment developed by Apple Inc. Apple Xcode suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause an application to overwrite arbitrary files...

Arbitrary File Overwrite

ai.h2o, h2o-core is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a lack of export location restrictions in the model export endpoint, allowing an attacker to overwrite arbitrary files on the server...

The vulnerability of the readline.sh component in the socat redirecting utility allows a hacker to overwrite any files in the system.

The vulnerability of the readline.sh utility for socket redirection involves tracking symbolic links in UNIX systems. Exploiting this vulnerability allows a remote attacker to re-write any files in the system...

Arbitrary File Overwrite

H2O-3 is vulnerable to Arbitrary File Overwrite. The vulnerability is due to improper input validation due to the exportModelDetails function in ModelsHandler.java allowing user-controlled input in the mexport.dir parameter, enabling overwriting files at arbitrary locations on the host system...