Lucene search
K

156 matches found

osv
osv
added 2025/08/11 1:53 p.m.4 views

BIT-LIBPHP-2021-21706 ZipArchive::extractTo may extract outside of destination dir

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS...

6.5CVSS7.1AI score0.01337EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/08/02 8:22 p.m.6 views

CVE-2025-54433

Bugsink is a self-hosted error tracking service. In versions 1.4.2 and below, 1.5.0 through 1.5.4, 1.6.0 through 1.6.3, and 1.7.0 through 1.7.3, ingestion paths construct file locations directly from untrusted eventid input without validation. A specially crafted eventid can result in paths outsi...

7.2CVSS6.2AI score0.00538EPSS
Exploits0References1
github
github
added 2025/07/29 8:13 p.m.11 views

Bugsink path traversal via event_id in ingestion

Summary In affected versions, ingestion paths construct file locations directly from untrusted eventid input without validation. A specially crafted eventid can result in paths outside the intended directory, potentially allowing file overwrite or creation in arbitrary locations. Submitting such...

7.2CVSS7.2AI score0.00538EPSS
Exploits0References11Affected Software1
ptsecurity
ptsecurity
added 2025/07/29 12:0 a.m.8 views

PT-2025-31371

Name of the Vulnerable Software and Affected Versions Bugsink versions 1.4.2 and below Bugsink versions 1.5.0 through 1.5.4 Bugsink versions 1.6.0 through 1.6.3 Bugsink versions 1.7.0 through 1.7.3 Description Bugsink is a self-hosted error tracking service. Ingestion paths construct file locatio...

7.2CVSS6AI score0.00538EPSS
Exploits0References20
nessus
nessus
added 2025/07/11 12:0 a.m.2 views

CBL Mariner 2.0 Security Update: ansible (CVE-2023-5115)

The version of ansible installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5115 advisory. - An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to...

6.3CVSS7.1AI score0.00859EPSS
Exploits0References2
nessus
nessus
added 2025/07/10 12:0 a.m.2 views

Ubuntu 22.04 LTS / 24.04 LTS : YAML-LibYAML vulnerability (USN-7632-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7632-1 advisory. It was discovered that YAML-LibYAML incorrectly handled certain file names. An attacker could possibly use this issue to overwrite arbitrary files...

9.1CVSS8.4AI score0.00368EPSS
Exploits1References2
osv
osv
added 2025/06/13 9:30 a.m.6 views

GHSA-R546-H3FF-Q585 Salt vulnerable to directory traversal attack in minion file cache creation

Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory...

4.2CVSS7AI score0.00266EPSS
Exploits0References5
redhatcve
redhatcve
added 2025/05/23 10:0 a.m.4 views

CVE-2024-23216

A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to overwrite arbitrary files...

7.1CVSS7.2AI score0.00274EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 5:12 a.m.11 views

CVE-2023-23436

Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file...

7.3CVSS6.9AI score0.00113EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/21 8:45 p.m.8 views

CVE-2005-4691

imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page...

2.1CVSS6.8AI score0.0034EPSS
Exploits0References1
openvas
openvas
added 2025/04/03 12:0 a.m.12 views

Apple Xcode Security Update (HT122380)

Apple Xcode is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:xcode"; ifdescription...

5.5CVSS5.4AI score0.00248EPSS
Exploits0References1
nvd
nvd
added 2025/03/31 11:15 p.m.32 views

CVE-2025-30441

This issue was addressed through improved state management. This issue is fixed in Xcode 16.3. An app may be able to overwrite arbitrary files...

5.5CVSS0.00221EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/03/22 11:44 a.m.12 views

CVE-2024-6854

In h2oai/h2o-3 version 3.46.0, the endpoint for exporting models does not restrict the export location, allowing an attacker to export a model to any file in the server's file structure, thereby overwriting it. This vulnerability can be exploited to overwrite any file on the target server with a...

7.1CVSS6.7AI score0.00693EPSS
Exploits1References1
osv
osv
added 2025/03/20 10:8 a.m.6 views

CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

9.1CVSS7.9AI score0.01019EPSS
Exploits1References4
nessus
nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-29154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The serv...

7.4CVSS8.2AI score0.01659EPSS
Exploits1References3
nessus
nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-35936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior...

6.1CVSS6.4AI score0.00368EPSS
Exploits1References3
nessus
nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-1924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a...

7.8CVSS7.4AI score0.00409EPSS
Exploits1References2
nessus
nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2020-28407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as...

7.1CVSS7.4AI score0.00279EPSS
Exploits0References2
nessus
nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-0901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesyste...

7.5CVSS6.8AI score0.29442EPSS
Exploits2References3
nessus
nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-19044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users...

4.7CVSS5.8AI score0.00501EPSS
Exploits1References3
Rows per page
Query Builder