CVE-2026-28914

A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks...

EUVD-2012-5154

Malware in sbrugna...

EUVD-2025-10015

Malicious code in bioql PyPI...

EUVD-2025-9004

Malicious code in bioql PyPI...

EUVD-2022-34194

Malicious code in bioql PyPI...

Medium: open-vm-tools

Issue Overview: VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247 Affected Packages: open-vm-tools Issue Correction: Run dn...

SUSE-SU-2025:01778-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: - CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: - Fixed GCC 15 compile time error bsc1241938 - Fixed building with containerd 1.7.25+ bsc1237147 Full changelog:...

SUSE SLED15 / SLES15 Security Update : open-vm-tools (SUSE-SU-2025:01565-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01565-1 advisory. Update to 12.5.2: Security fixes: - CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: - Fixed GCC 1...

CVE-2024-44252

A logic issue was addressed with improved file handling. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, tvOS 18.1, visionOS 2.1. Restoring a maliciously crafted backup file may lead to modification of protected system files...

CVE-2024-44300

A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to access protected user data...

CVE-2022-31517

The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2021-20172

All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be...

CVE-2020-1364

A denial of service vulnerability exists in the way that the WalletService handles files, aka 'Windows WalletService Denial of Service Vulnerability'...

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update...

Ubuntu: Security Advisory (USN-7509-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-47756

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::setmr400strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution...

CVE-2025-39584 WordPress Eventin plugin <= 4.0.25 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Arraytics Eventin wp-event-solution allows PHP Local File Inclusion.This issue affects Eventin: from n/a through = 4.0.25...

Insecure Deserialization

lmdeploy is vulnerable to Insecure Deserialization. The vulnerability is due to unsafe handling in the loadweightckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler, allowing local attackers to exploit it...

Tenda FH1202 Improper Access Control Vulnerability

The Tenda FH1202 is a wireless router manufactured by Tenda in China. An improper access control vulnerability exists in the Tenda FH1202. The vulnerability stems from improper access control due to the handling of the file /goform/wrlwpsset. An attacker can exploit this vulnerability to launch a...

CVE-2025-24279

This issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access contacts...