
9293 matches found

Cvelist
added 2025/10/03 8:3 p.m. | 9 views

CVE-2025-59829 Claude Code: Permission deny bypass is possible through symlink

Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the...

CVSS: 2.3 | EPSS: 0.00396
Exploits: 0 | References: 1
OSV
added 2025/10/03 8:3 p.m. | 4 views

CVE-2025-59829 Claude Code: Permission deny bypass is possible through symlink

Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the...

CVSS: 2.3 | AI score: 6.8 | EPSS: 0.00396
Exploits: 0 | References: 3
CVE
added 2025/10/03 8:3 p.m. | 17 views

CVE-2025-59829

CVE-2025-59829 affects Claude Code (Anthropic) prior to version 1.0.120. The root cause is improper handling of symbolic links when evaluating permission-deny rules, enabling a user-denied file to be accessed via a symlink pointing to that file. The issue is fixed in 1.0.120. Impact is exposure o...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00396
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2025/10/02 12:0 a.m. | 6 views

Fedora 44 : cri-o1.31 (2025-01f444b2ce)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-01f444b2ce advisory. Automatic update for cri-o1.31-1.31.13-1.fc44. Changelog Thu Oct 2 2025 Bradley G Smith - 1.31.13-1 - Update to release v1.31.13 - Resolves:...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.00489
Exploits: 1 | References: 3
Tenable Nessus
added 2025/10/02 12:0 a.m. | 1 views

Fedora 44 : cri-o1.33 (2025-7bc36fec81)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7bc36fec81 advisory. Automatic update for cri-o1.33-1.33.5-1.fc44. Changelog Thu Oct 2 2025 Bradley G Smith - 1.33.5-1 - Update to release v1.33.5 - Resolves: rhbz233335...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.00489
Exploits: 1 | References: 4
Github Security Blog
added 2025/10/01 3:53 p.m. | 7 views

@plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user

Impact When visiting a specific URL, an anonymous user could cause the NodeJS server part of Volto to quit with an error. Patches The problem has been patched and the patch has been backported to Volto major versions down until 16. It is advised to upgrade to the latest patch release of your...

CVSS: 8.7 | AI score: 6.8 | EPSS: 0.00408
Exploits: 0 | References: 10 | Affected Software: 1
Packet Storm News
added 2025/09/26 12:0 a.m. | 3 views

Decoding Deception: Understanding Automatic Speech Recognition Vulnerabilities in Evasion and Poisoning Attacks

Recent studies have demonstrated the vulnerability of Automatic Speech Recognition systems to adversarial examples, which can deceive these systems into misinterpreting input speech commands. While previous research has primarily focused on white-box attacks with constrained optimizations, and...

AI score: 7
Exploits: 0
OpenVAS
added 2025/09/25 12:0 a.m. | 2 views

Do Not Install the Avahi Service

Avahi is a zero-configuration networking implementation, including a system for multicast DNS/DNS-SD service discovery and automatic broadcast. For example, you can connect a server to the network and use Avahi to automatically broadcast network services running on the server for other user to...

AI score: 6.7
Exploits: 0 | References: 1
Tenable Nessus
added 2025/09/21 12:0 a.m. | 4 views

Fedora 44 : nextcloud (2025-b4b3303299)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b4b3303299 advisory. Automatic update for nextcloud-31.0.9-1.fc44. Changelog Sat Sep 20 2025 Andrew Bauer - 31.0.9-1 - 31.0.9 release RHBZ2388493 RHBZ2389830 RHBZ2389831...

CVSS: 6.1 | AI score: 5.5 | EPSS: 0.0071
Exploits: 1 | References: 3
Cvelist
added 2025/09/19 6:47 p.m. | 8 views

CVE-2025-34193 Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protections and Use Outdated Runtimes

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe that lack modern compile-time and...

CVSS: 7.1 | EPSS: 0.00726
Exploits: 1 | References: 4
ATTACKERKB
added 2025/09/19 6:47 p.m. | 5 views

CVE-2025-34193

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe that lack modern compile-time and...

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.00726
Exploits: 1 | References: 5
CVE
added 2025/09/19 6:47 p.m. | 22 views

CVE-2025-34193

Vasion Print (formerly PrinterLogic) Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, and PrinterInstallerClientLauncher.exe in Virtual Appliance Host and Application versions prior to 25.1.102 / 25.1.1413 lack modern memory-safety mitigations (DEP, ASLR,...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.00726
Exploits: 1 | References: 4 | Affected Software: 2
Malwarebytes
added 2025/09/16 7:48 p.m. | 6 views

Update your Apple devices to fix dozens of vulnerabilities

Apple has released security updates for iPhones, iPads, Apple Watches, Apple TVs, and Macs as well as for Safari, and Xcode to fix dozens of vulnerabilities which could give cybercriminals access to sensitive data. How to update your devices How to update your iPhone or iPad For iOS and iPadOS...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00441
Exploits: 0
OSV
added 2025/09/16 8:15 a.m. | 3 views

UBUNTU-CVE-2023-53264

In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00145
Exploits: 0 | References: 3
Vulnrichment
added 2025/09/16 8:6 a.m. | 1 views

CVE-2023-53264 clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe

In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using...

AI score: 8 | EPSS: 0.00145
Exploits: 0 | References: 4
SUSE CVE
added 2025/09/15 11:27 p.m. | 2 views

SUSE CVE-2023-53249

In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using devm_kzalloc...

CVSS: 3.3 | AI score: 6.5 | EPSS: 0.00135
Exploits: 0 | References: 19
OSV
added 2025/09/15 3:15 p.m. | 8 views

DEBIAN-CVE-2023-53249

In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using devm_kzalloc...

CVSS: 5.5 | AI score: 5.3 | EPSS: 0.00135
Exploits: 0 | References: 1
OSV
added 2025/09/15 2:46 p.m. | 4 views

CVE-2023-53249 clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe

In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe Use devm_of_iomap instead of of_iomap to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc will leak, but using devm_kzalloc...

CVSS: 5.5 | AI score: 5.9 | EPSS: 0.00135
Exploits: 0 | References: 9
Gitee
added 2025/09/14 6:10 p.m. | 154 views

SCANNER-INURLBR

This is an offensive tool for web application vulnerability scanning. The tool, INURLBR, is designed to perform advanced searches in search engines to exploit GET/POST capturing emails and URLs, with an internal custom validation junction for each target/URL found. It is written in PHP and can ru...

AI score: 7
Exploits: 0
Gitee
added 2025/09/13 5:2 a.m. | 119 views

Zeratool

This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF (Capture The Flag) problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...

AI score: 8.6
Exploits: 0