CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

2.9CVSS6.5AI score0.0016EPSS

Exploits0References3

Vulnrichment•added 2025/10/07 12:0 a.m.•3 views

CVE-2025-62187

2.9CVSS6.6AI score0.0016EPSS

Exploits0References3

CNNVD•added 2025/10/07 12:0 a.m.•6 views

Tesla Telematics Control Unit 安全漏洞

Tesla Telematics Control Unit is an in-vehicle communications and data management module from Tesla, Inc. A security vulnerability exists in Tesla Telematics Control Unit versions prior to v2025.14, which stems from an authentication bypass that could lead to arbitrary file writing and script...

8.6CVSS7.3AI score0.00549EPSS

Exploits0References3

CVE•added 2025/10/07 12:0 a.m.•13 views

CVE-2025-62187

In Ankitects Anki prior to 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux because media file pathnames are not necessarily relative to the media folder. The vulnerability affects the media handling component and arises from impro...

3.3CVSS6.6AI score0.0016EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2025/10/07 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680628 advisory. @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee tha...

8.2CVSS7.7AI score0.00576EPSS

Exploits0References4

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xz (UTSA-2025-986157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986157 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file nam...

8.8CVSS6.9AI score0.04062EPSS

Exploits0References4

NVD•added 2025/10/05 9:15 a.m.•8 views

CVE-2025-8406

ZenML version 0.83.1 is affected by a path traversal vulnerability in the PathMaterializer class. The load function uses ispathwithindirectory to validate files during data.tar.gz extraction, which fails to effectively detect symbolic and hard links. This vulnerability can lead to arbitrary file...

7.8CVSS0.00326EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-30680

Malicious code in bioql PyPI...

7.7CVSS6.9AI score0.00307EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-26970

Malicious code in bioql PyPI...

9.9CVSS8.8AI score0.01704EPSS

Exploits1References2