CVE-2025-59829 Claude Code: Permission deny bypass is possible through symlink
Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the...
CVE-2025-59829
CVE-2025-59829 affects Claude Code (Anthropic) prior to version 1.0.120. The root cause is improper handling of symbolic links when evaluating permission-deny rules, enabling a user-denied file to be accessed via a symlink pointing to that file. The issue is fixed in 1.0.120. Impact is exposure o...
Fedora 44 : cri-o1.31 (2025-01f444b2ce)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-01f444b2ce advisory. Automatic update for cri-o1.31-1.31.13-1.fc44. Changelog Thu Oct 2 2025 Bradley G Smith - 1.31.13-1 - Update to release v1.31.13 - Resolves:...
Fedora 44 : cri-o1.33 (2025-7bc36fec81)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7bc36fec81 advisory. Automatic update for cri-o1.33-1.33.5-1.fc44. Changelog Thu Oct 2 2025 Bradley G Smith - 1.33.5-1 - Update to release v1.33.5 - Resolves: rhbz233335...
@plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user
Impact When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. Patches The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your...
Decoding Deception: Understanding Automatic Speech Recognition Vulnerabilities in Evasion and Poisoning Attacks
Recent studies have demonstrated the vulnerability of Automatic Speech Recognition systems to adversarial examples, which can deceive these systems into misinterpreting input speech commands. While previous research has primarily focused on white-box attacks with constrained optimizations, and...
Do Not Install the Avahi Service
Avahi is a zero-configuration networking implementation, including a system for multicast DNS/DNS-SD service discovery and automatic broadcast. For example, you can connect a server to the network and use Avahi to automatically broadcast network services running on the server for other user to...
Fedora 44 : nextcloud (2025-b4b3303299)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b4b3303299 advisory. Automatic update for nextcloud-31.0.9-1.fc44. Changelog Sat Sep 20 2025 Andrew Bauer - 31.0.9-1 - 31.0.9 release RHBZ2388493 RHBZ2389830 RHBZ2389831...
CVE-2025-34193 Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protections and Use Outdated Runtimes
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe that lack modern compile-time and...
CVE-2025-34193
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe that lack modern compile-time and...
CVE-2025-34193
Vasion Print (formerly PrinterLogic) Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, and PrinterInstallerClientLauncher.exe in Virtual Appliance Host and Application versions prior to 25.1.102 / 25.1.1413 lack modern memory-safety mitigations (DEP, ASLR,...
Update your Apple devices to fix dozens of vulnerabilities
Apple has released security updates for iPhones, iPads, Apple Watches, Apple TVs, and Macs as well as for Safari, and Xcode to fix dozens of vulnerabilities which could give cybercriminals access to sensitive data. How to update your devices How to update your iPhone or iPad For iOS and iPadOS...
UBUNTU-CVE-2023-53264
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe. Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using...
CVE-2023-53264 clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe. Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using...
SUSE CVE-2023-53249
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe. Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using devm_kzalloc...
DEBIAN-CVE-2023-53249
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe. Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using devm_kzalloc...
CVE-2023-53249 clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe
In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe. Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using devm_kzalloc...
SCANNER-INURLBR
This is an offensive tool for web application vulnerability scanning. The tool, INURLBR, is designed to perform advanced searches in search engines to exploit GET/POST capturing emails and URLs, with an internal custom validation junction for each target/URL found. It is written in PHP and can ru...
Zeratool
This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF (Capture The Flag) problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...