Lucene search
K

56 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-36446

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00517EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28085

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-28298

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00401EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-49466

Malicious code in bioql PyPI...

8.4CVSS8.2AI score0.00222EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-6934

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.01004EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32491

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00594EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-41268

Malicious code in bioql PyPI...

5.9CVSS6AI score0.00311EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/08/06 5:6 p.m.11 views

tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter

Summary [email protected] is vulnerable to an Arbitrary temporary file / directory write via symbolic link dir parameter. Details According to the documentation there are some conditions that must be held: // https://github.com/raszi/node-tmp/blob/v0.2.3/README.md?plain=1L41-L50 Other breaking changes,...

5.3CVSS6.3AI score0.00331EPSS
Exploits1References6Affected Software1
GithubExploit
GithubExploit
added 2025/07/31 12:22 p.m.285 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

CVE-2025-27591 description Basically below tool allow f...

6.8CVSS7.9AI score0.0036EPSS
Exploits22
Zero Day Initiative
Zero Day Initiative
added 2025/07/29 12:0 a.m.7 views

Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS6.7AI score0.00184EPSS
Exploits0
OSV
OSV
added 2025/06/24 7:0 p.m.7 views

GHSA-WJ44-9VCG-WJQ7 Gogs allows deletion of internal files which leads to remote command execution

Summary Due to the insufficient patch for the CVE-2024-39931, it's still possible to delete files under the .git directory and achieve remote command execution. Details In the patch for CVE-2024-39931, the following check is added:...

10CVSS10AI score0.00952EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 6:47 a.m.9 views

CVE-2024-53921

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process...

2.8CVSS7AI score0.00166EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.8 views

CVE-2023-28869

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link...

6.5CVSS6.9AI score0.00768EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:41 a.m.8 views

CVE-2022-32450

AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder used for ad.trace and chat but the product runs as SYSTEM when writing chat-room data there...

7.1CVSS7AI score0.00517EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:53 p.m.7 views

CVE-2020-8950

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an...

7.8CVSS7.1AI score0.00994EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.8 views

CVE-2019-8656

This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount tha...

5.5CVSS6.1AI score0.0149EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/03 5:27 a.m.27 views

CVE-2025-31334

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be execut...

6.8CVSS0.01233EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 1:33 p.m.15 views

CVE-2020-26312

Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder...

8.1CVSS6.5AI score0.00441EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/02/04 12:0 a.m.14 views

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Technical...

7.8CVSS7.2AI score0.00415EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/24 3:26 a.m.13 views

CVE-2024-47515 Pagure: generate_archive() follows symbolic links in temporary clones

A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...

8.1CVSS7.7AI score0.00553EPSS
Exploits0References2
Rows per page
Query Builder