86 matches found
EUVD-2023-35042
Malicious code in bioql PyPI...
SUSE SLES12 Security Update : vim (SUSE-SU-2025:03299-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03299-1 advisory. Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vims tar.vim plugin bsc1246604 -...
Security update for vim
This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...
Security update for vim
This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...
SUSE-SU-2025:03299-1 Security update for vim
This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...
SUSE-SU-2025:03240-1 Security update for vim
This update for vim fixes the following issues: Update to version 9.1.1629. - CVE-2025-53905: Fixed a path traversal issue in tar.vim plugin that may allow for file overwriting when opening specially crafted tar files bsc1246604. - CVE-2025-53906: Fixed a path traversal issue in zip.vim plugin th...
Security update for vim
This update for vim fixes the following issues: CVE-2025-53906: Fixed malicious zip archive causing path traversal bsc1246602 CVE-2025-53905: Fixed malicious tar archive causing path traversal bsc1246604 CVE-2025-55157: Fixed use-after-free in internal tuple reference management bsc1247938...
Linux Distros Unpatched Vulnerability : CVE-2020-7668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or...
OESA-2025-1944 vim security update
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...
Siemens SINEC NMS Path Traversal Vulnerability (CNVD-2025-16627)
Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...
Siemens SINEC NMS Path Traversal Vulnerability (CNVD-2025-16629)
Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...
CVE-2025-40592
A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...
CVE-2025-40592
A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...
CVE-2025-40592
A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...
CVE-2025-40592
CVE-2025-40592 describes a zip path traversal in the Mendix Studio Pro module installation process. The vulnerability affects Mendix Studio Pro versions prior to: 8.18.35, 9.24.35, 10.6.24, 10.12.17, 10.18.7, and 10.23.0, with all versions of 11 affected. By crafting a malicious module (e.g., via...
PT-2025-25283 · Mendix · Mendix Studio Pro
Name of the Vulnerable Software and Affected Versions: Mendix Studio Pro versions prior to 8.18.35 Mendix Studio Pro versions prior to 9.24.35 Mendix Studio Pro versions prior to 10.6.24 Mendix Studio Pro versions prior to 10.12.17 Mendix Studio Pro versions prior to 10.18.7 Mendix Studio Pro...
CVE-2025-3485
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementati...
CVE-2023-30678
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...
PT-2024-7104 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: Ollama versions prior to 0.1.47 Description: The issue is related to the extractFromZipFile function in model.go of the Ollama system, which is used for launching and managing large language models LLM. This function has an incorrect...
CVE-2023-51599
Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the...