Lucene search
+L

350 matches found

ptsecurity
ptsecurity
added 2026/01/30 12:0 a.m.16 views

PT-2026-5440

Name of the Vulnerable Software and Affected Versions PsySH versions prior to 0.11.23 PsySH versions prior to 0.12.19 Description PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.11.23 and 0.12.19, PsySH automatically loads and executes a .psysh.ph...

6.7CVSS6.4AI score0.0028EPSS
Exploits1References10
github
github
added 2026/01/23 6:31 p.m.15 views

miniserve affected by a TOCTOU and symlink race vulnerability

A TOCTOU and symlink race in svenstaro/miniserve 0.32.0 upload finalization when uploads are enabled can allow an attacker to overwrite arbitrary files outside the intended upload/document root in deployments where the attacker can create/replace filesystem entries in the upload destination...

6.8CVSS5.7AI score0.00299EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2026/01/23 12:0 a.m.18 views

PT-2026-4471

Name of the Vulnerable Software and Affected Versions miniserve version 0.32.0 Description A time-of-check to time-of-use TOCTOU and symlink race condition exists in miniserve when uploads are enabled. This can allow an attacker to overwrite arbitrary files outside the intended upload directory i...

6.8CVSS5.6AI score0.00299EPSS
Exploits1References5
cvelist
cvelist
added 2026/01/23 12:0 a.m.33 views

CVE-2025-67124

A TOCTOU and symlink race in svenstaro/miniserve 0.32.0 upload finalization when uploads are enabled can allow an attacker to overwrite arbitrary files outside the intended upload/document root in deployments where the attacker can create/replace filesystem entries in the upload destination...

0.00299EPSS
Exploits1References2
alpinelinux
alpinelinux
added 2026/01/23 12:0 a.m.8 views

CVE-2025-67124

A TOCTOU and symlink race in svenstaro/miniserve 0.32.0 upload finalization when uploads are enabled can allow an attacker to overwrite arbitrary files outside the intended upload/document root in deployments where the attacker can create/replace filesystem entries in the upload destination...

6.8CVSS5.8AI score0.00299EPSS
Exploits1References2
cve
cve
added 2026/01/22 9:39 p.m.37 views

CVE-2026-23953

Incus CVE-2026-23953 affects versions 6.20.0 and earlier. A user able to launch a container with a crafted YAML can inject newlines via an environment variable, enabling additional lxc.conf items and potentially arbitrary command execution on the host. Exploitation requires modifying the payload ...

8.7CVSS6AI score0.00471EPSS
Exploits1References4Affected Software1
alpinelinux
alpinelinux
added 2026/01/22 9:39 p.m.4 views

CVE-2026-23953

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration e.g a member of the ‘incus’ group can create an environment variable containing newlines, which can be used to add additional...

8.7CVSS6.1AI score0.00471EPSS
Exploits1
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001104 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by...

7.8CVSS7AI score0.00923EPSS
Exploits2References9
redhatcve
redhatcve
added 2026/01/09 12:11 p.m.11 views

CVE-2018-18654

Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp directory, wait until a user process copies xr there, and then replace the entire contents of this subdirectory to...

7.8CVSS6.5AI score0.00306EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:44 a.m.8 views

CVE-2022-26526

Anaconda Anaconda3 Anaconda Distribution through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse...

7.8CVSS6.9AI score0.00338EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 10:18 a.m.7 views

CVE-2019-18192

GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365...

7.8CVSS6.9AI score0.00433EPSS
Exploits2References1
redhatcve
redhatcve
added 2026/01/09 10:8 a.m.10 views

CVE-2019-20384

Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners...

5.5CVSS6.6AI score0.0027EPSS
Exploits1References1
nvd
nvd
added 2026/01/08 4:15 p.m.10 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

6.5CVSS0.02981EPSS
Exploits1References3
cvelist
cvelist
added 2026/01/08 12:0 a.m.34 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

0.02981EPSS
Exploits1References3
redhatcve
redhatcve
added 2026/01/07 9:10 a.m.14 views

CVE-2019-16784

In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in "onefile" mode is launched by a privileged user at least more than the current one which have his "TempPath" resolving to a world...

7.8CVSS6.8AI score0.00689EPSS
Exploits1References1
rapid7blog
rapid7blog
added 2026/01/05 8:31 p.m.19 views

Metasploit 2025 Annual Wrap-Up

Hard to believe it's that time again, and that Metasploit Framework will see the dawn of another Annual Wrap-Up and a New Year. All of the metrics and modules you see here would in large part not be possible without the dedicated community members who care about the Framework and its mission on a...

9.1AI score
Exploits0
githubexploit
githubexploit
added 2026/01/02 11:20 a.m.280 views

Exploit for Incorrect Permission Assignment for Critical Resource in Facebook Below

Exploit for CVE-2025-27591 For educational purposes only Bu...

6.8CVSS6.9AI score0.0036EPSS
Exploits23
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.8 views

PT-2026-6749

Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 20.7-cert9 Asterisk versions prior to 20.18.2 Asterisk versions prior to 21.12.1 Asterisk versions prior to 22.8.2 Asterisk versions prior to 23.2.2 Description Asterisk is a private branch exchange and telephony...

7.8CVSS5.9AI score0.00112EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.3 views

PT-2026-6750

Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 20.7-cert9 Asterisk versions prior to 20.18.2 Asterisk versions prior to 21.12.1 Asterisk versions prior to 22.8.2 Asterisk versions prior to 23.2.2 Description The asterisk/contrib/scripts/ast coredumper script runs...

5.7AI score0.00173EPSS
Exploits0References7
euvd
euvd
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202435

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAISP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS6.9AI score0.0017EPSS
Exploits0References4
Rows per page
Query Builder