Lucene search
K

86 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35042

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00194EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/24 12:0 a.m.3 views

SUSE SLES12 Security Update : vim (SUSE-SU-2025:03299-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03299-1 advisory. Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vims tar.vim plugin bsc1246604 -...

8.8CVSS6.6AI score0.00731EPSS
Exploits2References13
SUSE Linux
SUSE Linux
added 2025/09/23 9:4 a.m.3 views

Security update for vim

This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...

6.7CVSS7AI score0.00731EPSS
Exploits2References16
SUSE Linux
SUSE Linux
added 2025/09/23 9:2 a.m.2 views

Security update for vim

This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...

6.7CVSS7AI score0.00731EPSS
Exploits2References16
OSV
OSV
added 2025/09/23 9:2 a.m.1 views

SUSE-SU-2025:03299-1 Security update for vim

This update for vim fixes the following issues: Updated to 9.1.1629: - CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin bsc1246604 - CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip bsc1246602 - CVE-2025-55157:...

8.8CVSS7AI score0.00731EPSS
Exploits2References9
OSV
OSV
added 2025/09/16 7:57 p.m.1 views

SUSE-SU-2025:03240-1 Security update for vim

This update for vim fixes the following issues: Update to version 9.1.1629. - CVE-2025-53905: Fixed a path traversal issue in tar.vim plugin that may allow for file overwriting when opening specially crafted tar files bsc1246604. - CVE-2025-53906: Fixed a path traversal issue in zip.vim plugin th...

8.8CVSS7AI score0.00731EPSS
Exploits2References9
SUSE Linux
SUSE Linux
added 2025/09/11 10:29 a.m.2 views

Security update for vim

This update for vim fixes the following issues: CVE-2025-53906: Fixed malicious zip archive causing path traversal bsc1246602 CVE-2025-53905: Fixed malicious tar archive causing path traversal bsc1246604 CVE-2025-55157: Fixed use-after-free in internal tuple reference management bsc1247938...

6.7CVSS7.4AI score0.00731EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-7668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or...

7.5CVSS7.3AI score0.01332EPSS
Exploits1References2
OSV
OSV
added 2025/08/01 1:3 p.m.5 views

OESA-2025-1944 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

4.1CVSS7.5AI score0.00731EPSS
Exploits2References3
CNVD
CNVD
added 2025/07/21 12:0 a.m.4 views

Siemens SINEC NMS Path Traversal Vulnerability (CNVD-2025-16627)

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...

8.8CVSS7AI score0.07166EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/15 12:0 a.m.2 views

Siemens SINEC NMS Path Traversal Vulnerability (CNVD-2025-16629)

Siemens SINEC NMS is a network management system NMS from Siemens, Germany, that can be used 24/7 to centrally monitor, manage and configure industrial networks with tens of thousands of devices, including safety-related areas. A path traversal vulnerability exists in Siemens SINEC NMS that stems...

8.8CVSS7AI score0.07166EPSS
Exploits0References1
NVD
NVD
added 2025/06/12 8:15 a.m.9 views

CVE-2025-40592

A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...

6.1CVSS0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/12 8:5 a.m.16 views

CVE-2025-40592

A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...

6.1CVSS0.00395EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/12 8:5 a.m.3 views

CVE-2025-40592

A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...

6.1CVSS6.4AI score0.00395EPSS
Exploits0References1
CVE
CVE
added 2025/06/12 8:5 a.m.42 views

CVE-2025-40592

CVE-2025-40592 describes a zip path traversal in the Mendix Studio Pro module installation process. The vulnerability affects Mendix Studio Pro versions prior to: 8.18.35, 9.24.35, 10.6.24, 10.12.17, 10.18.7, and 10.23.0, with all versions of 11 affected. By crafting a malicious module (e.g., via...

6.1CVSS6.4AI score0.00395EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.3 views

PT-2025-25283 · Mendix · Mendix Studio Pro

Name of the Vulnerable Software and Affected Versions: Mendix Studio Pro versions prior to 8.18.35 Mendix Studio Pro versions prior to 9.24.35 Mendix Studio Pro versions prior to 10.6.24 Mendix Studio Pro versions prior to 10.12.17 Mendix Studio Pro versions prior to 10.18.7 Mendix Studio Pro...

6.1CVSS6.5AI score0.00395EPSS
Exploits0References5
OSV
OSV
added 2025/06/06 7:15 p.m.5 views

CVE-2025-3485

Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementati...

8.8CVSS6.3AI score0.01781EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:11 a.m.8 views

CVE-2023-30678

Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file...

5.5CVSS7AI score0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.4 views

PT-2024-7104 · Ollama · Ollama

Name of the Vulnerable Software and Affected Versions: Ollama versions prior to 0.1.47 Description: The issue is related to the extractFromZipFile function in model.go of the Ollama system, which is used for launching and managing large language models LLM. This function has an incorrect...

9.8CVSS6.1AI score0.89633EPSS
Exploits15References42
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.3 views

CVE-2023-51599

Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the...

8.8CVSS6.2AI score0.01572EPSS
Exploits0References2
Rows per page
Query Builder