PT-2026-41386

Name of the Vulnerable Software and Affected Versions Joplin versions prior to 3.5.7 Description A path traversal issue exists in the OneNote importer. The OneNote converter fails to sanitize the names of embedded files before writing them to disk. An attacker can create a malicious .one file...

VMware Workstation Multiple Vulnerabilities (VMSA-2025-0004) - Linux

VMware Workstation is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:workstation";...

Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Firefox did not properly handle downloads of files ending in .desktop, which can be interpreted to run attacker-controlled commands. This bug only affects Firefox for Linux on certain Distributions. Other operating systems are...

ipop2d.txt

Vulnerable Program: POP2 shipped with imap-4.4 package Platforms: Linux Impact: Remote users can spawn a shell with uid of user "nobody" Reported Initally: Chris Evans Exploit Code: bind Details: -------- POP-2 supports anonymous proxy service where remote users can connect to remote imap servers...