788 matches found
EUVD-2023-41777
Malicious code in bioql PyPI...
atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
...
SUSE CVE-2025-39828
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
AZL-67392 CVE-2025-39828 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
DEBIAN-CVE-2025-39828
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
CVE-2025-39828
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
UBUNTU-CVE-2025-39828
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the atmtcprecvcontrol function not validating the vcc pointer in the atmtcpcontrol structure, which could le...
VulnCheck KEV: CVE-2017-16237
In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file VIAGLT64.SYS contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8273007C...
CVE-2025-58158 Harness Affected by Arbitrary File Write in Gitness LFS server
Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation ...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc
A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...
Linux Distros Unpatched Vulnerability : CVE-2023-37923
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2023-37921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2019-19647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 through 4.0.0 lacks validation of the content variable in the function rasmpseudoincbin at libr/asm/asm.c, ultimately leading to an arbitrary write. Thi...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization in template file destination paths. An attacker can access sensitive files outside intended directories by supplying crafted path components. Details A Directory Traversal attack al...
GHSA-3XW7-V6CJ-5Q8H Copier's safe template has arbitrary filesystem read/write access
Impact Copier's current security model shall restrict filesystem access through Jinja: - Files can only be read using % include ... %, which is limited by Jinja to reading files from the subtree of the local template clone in our case. - Files are written in the destination directory according to...
Linux Distros Unpatched Vulnerability : CVE-2023-37922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary...
CVE-2025-55013 Assemblyline 4 Service Client: Arbitrary Write through path traversal in Client code
The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client taskhandler.py accepts a SHA-256 value returned by the service server and uses it directly as a local...
CVE-2025-55013 Assemblyline 4 Service Client: Arbitrary Write through path traversal in Client code
The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client taskhandler.py accepts a SHA-256 value returned by the service server and uses it directly as a local...
SUSE CVE-2025-54798
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...