17758 matches found
CVE-2025-54916
CVE-2025-54916 is a Windows NTFS remote code execution vulnerability described as a stack-based overflow in NTFS. Connected sources confirm NTFS is affected and assign a high severity (CVSS ≈ 7.8). Public sources (including Krebs/NCSC) categorize this as an RCE issue for Windows NTFS, with exploi...
TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs
Cybersecurity researchers have discovered a variant of a recently disclosed campaign that abuses the TOR network for cryptojacking attacks targeting exposed Docker APIs. Akamai, which discovered the latest activity last month, said it's designed to block other actors from accessing the Docker API...
GHSA-CVM2-5F78-G9M8 TYPO3 CMS exposes sensitive information in an error message
Error messages containing sensitive information in the File Abstraction Layer in TYPO3 CMS versions 9.0.0-9.5.54, 10.0.0-10.4.53, 11.0.0-11.5.47, 12.0.0-12.4.36, and 13.0.0-13.4.17 allow backend users to disclose full file paths via failed low-level file-system operations...
CVE-2025-59016
Error messages containing sensitive information in the File Abstraction Layer in TYPO3 CMS versions 9.0.0-9.5.54, 10.0.0-10.4.53, 11.0.0-11.5.47, 12.0.0-12.4.36, and 13.0.0-13.4.17 allow backend users to disclose full file paths via failed low-level file-system operations...
CVE-2025-59016 Information Disclosure via File Abstraction Layer
Error messages containing sensitive information in the File Abstraction Layer in TYPO3 CMS versions 9.0.0-9.5.54, 10.0.0-10.4.53, 11.0.0-11.5.47, 12.0.0-12.4.36, and 13.0.0-13.4.17 allow backend users to disclose full file paths via failed low-level file-system operations...
NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally...
Microsoft Windows NTFS 安全漏洞
Microsoft Windows NTFS is a file system from Microsoft USA that serves computer files. The file system has error warning, disk self-repair, and logging capabilities. A security vulnerability exists in Microsoft Windows NTFS. An attacker exploiting this vulnerability could remotely execute code. T...
HP Poly Lens 安全漏洞
HP Poly Lens is a unified collaboration management and device management software from Hewlett-Packard HP. A security vulnerability exists in HP Poly Lens that stems from allowing file system modifications that could result in gaining SYSTEM privileges...
PT-2025-36692
Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 9.0.0 through 9.5.54 TYPO3 CMS versions 10.0.0 through 10.4.53 TYPO3 CMS versions 11.0.0 through 11.5.47 TYPO3 CMS versions 12.0.0 through 12.4.36 TYPO3 CMS versions 13.0.0 through 13.4.17 Description: The File Abstraction...
PT-2025-36847
Name of the Vulnerable Software and Affected Versions: Microsoft Brokering File System affected versions not specified Description: A race condition exists due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to elevate privileges...
Microsoft Brokering File System 资源管理错误漏洞
Microsoft Brokering File System is a file system from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Brokering File System. An attacker could exploit this vulnerability to elevate privileges. The following products and editions are affected:Windows Server...
CVE-2025-58751
CVE-2025-58751 involves a path traversal issue in Vite Dev Server. The vulnerability affects apps that explicitly expose the Vite dev server to the network (using --host or server.host) and have the public directory feature enabled (default) with a symlink inside the public directory. In versions...
CVE-2025-43722
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...
Network-Level Censorship Attacks in the InterPlanetary File System
The InterPlanetary File System IPFS has been successfully established as the de facto standard for decentralized data storage in the emerging Web3. Despite its decentralized nature, IPFS nodes, as well as IPFS content providers, have converged to centralization in large public clouds...
PT-2025-36528
Name of the Vulnerable Software and Affected Versions: Vite versions prior to 7.1.5 Vite versions prior to 7.0.7 Vite versions prior to 6.3.6 Vite versions prior to 5.4.20 Description: Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files...
PT-2025-46762
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The btrfs encode fh function does not properly account for all cases it handles, potentially leading to an out-of-bounds write. Specifically, when a parent exists and the root ID of the...
CVE-2025-39730
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal filehandle length before it can access the embedded filehandle...
DEBIAN-CVE-2025-39730
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfsfhtodentry The function needs to check the minimal filehandle length before it can access the embedded filehandle...
CVE-2025-39734 Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inodetrylock with inodelock" This reverts commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, conditional lock acquisition was removed to fix an xfstest bug that was observed during internal...