38 matches found
EUVD-2021-15282
Malware in sbrugna...
EUVD-2019-9821
Malware in sbrugna...
EUVD-2018-10305
Malware in sbrugna...
EUVD-2003-1346
Malware in sbrugna...
EUVD-2024-51221
Malicious code in bioql PyPI...
EUVD-2021-8459
Malicious code in bioql PyPI...
Amazon Linux 2023 : open-vm-tools, open-vm-tools-desktop, open-vm-tools-devel (ALAS2023-2025-982)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-982 advisory. VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within th...
Medium: open-vm-tools
Issue Overview: VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247 Affected Packages: open-vm-tools Note: This advisory is...
Mageia: Security Advisory (MGASA-2025-0166)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-12957
A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion. Refer to the '01/23/2025 Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information...
[SECURITY] [DLA 4165-1] open-vm-tools security update
Debian LTS Advisory DLA-4165-1 [email protected] https://www.debian.org/lts/security/ Jochen Sprickerhof May 14, 2025 https://wiki.debian.org/LTS Package : open-vm-tools Version : 2:11.2.5-2+deb11u4 CVE ID : CVE-2025-22247 Debian Bug : 1105159 open-vm-tools is a package that provides Op...
CVE-2025-22247
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
CVE-2025-22247
CVE-2025-22247 affects open-vm-tools ( VMware Tools open-source components) and can be triggered by a non-administrative guest-VM user due to insecure file handling that may tamper local files, potentially enabling partial integrity impact within the guest. Several advisories confirm affected pac...
CVE-2025-22247
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
CVE-2025-22247 Insecure file handling vulnerability
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
CVE-2025-24279
This issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access contacts...
CVE-2024-12957
CVE-2024-12957 is a file handling command vulnerability in Armoury Crate that may result in arbitrary file deletion. Affected products are Armoury Crate versions as referenced by ASUS/Red Hat advisories; the underlying issue is a faulty file handling command leading to deletion of files. The avai...
SUSE SLES15 / openSUSE 15 Security Update : python-aiohttp (SUSE-SU-2024:4396-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4396-1 advisory. - CVE-2024-27306: filenames and paths not escaped when generating index pages for static file handling. bsc1223098 Tenable has...
Ubuntu: Security Advisory (USN-4862-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-3MRP-QHCJ-MWV5 Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6cpc-mj5c-m9rq. This link is maintained to preserve external references. Original Description An issue exists in node-cli 0.1.0 through 0.11.3 due to predictable temporary file names in lockfile and logfile, whi...