Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25049

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.00507EPSS
Exploits0References4
OSV
OSV
added 2025/08/15 9:31 p.m.6 views

GHSA-WJRX-6529-HCJ3 HashiCorp go-getter Vulnerable to Symlink Attacks

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...

7.5CVSS6.7AI score0.00507EPSS
Exploits0References5
NVD
NVD
added 2025/08/15 9:15 p.m.4 views

CVE-2025-8959

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...

7.5CVSS0.00507EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/08/15 8:32 p.m.11 views

CVE-2025-8959

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9...

7.5CVSS5.6AI score0.00507EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/01/04 12:0 a.m.6 views

The vulnerability of server-based corporate software for monitoring and managing project knowledge bases in Adobe RoboHelp Server lies in its ability to load files beyond the expected directory limits, allowing attackers to execute arbitrary code.

The vulnerability of server-based corporate software for project monitoring and management in Adobe RoboHelp Server relates to the ability to load arbitrary files beyond the expected directory structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the...

10CVSS7.7AI score0.39401EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder