BIT-PYTHON-2024-12718 Bypass extraction filter to modify file metadata outside extraction directory

Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

BIT-HELM-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...

AZL-65051 CVE-2025-48385 affecting package git for versions less than 2.40.4-2

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to...

CVE-2025-36600

Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

CVE-2025-40739

Summary (CVE-2025-40739) : Siemens Solid Edge SE2025 prior to V225.0 Update 5 contains an out-of-bounds read while parsing specially crafted PAR files, which can lead to code execution in the process context. This vulnerability affects Solid Edge SE2025 versions before the Update 5 release. Accor...

PT-2025-28600

Name of the Vulnerable Software and Affected Versions: Microsoft Office Microsoft Word Microsoft 365 Apps for Enterprise Microsoft Office Long Term Servicing Channel Microsoft SharePoint Server versions prior to the July 15, 2025 update Description: A use-after-free issue exists in Microsoft Offi...

PT-2025-28548

Name of the Vulnerable Software and Affected Versions: Microsoft Remote Desktop Client affected versions not specified Description: A relative path traversal flaw exists in the Remote Desktop Client, potentially allowing an unauthorized attacker to execute code over a network. Malicious Remote...

Siemens Solid Edge

SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted files in various formats such as PAR or CFG format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released a...

PT-2025-28241 · Robocode +1 · Robocode +1

Name of the Vulnerable Software and Affected Versions: Roo Code versions prior to 3.22.6 Description: Roo Code is an AI-powered autonomous coding agent. If the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and...

Apache Seata Deserialization Vulnerability

Apache Seata is the United States Apache Apache Foundation of a microservices architecture in the United States to provide high-performance and easy to use distributed transaction services in the open source project . A deserialization vulnerability exists in Apache Seata versions prior to 2.0.0 ...

CVE-2025-5746

The Drag and Drop Multiple File Upload Pro - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnduploadcf7uploadchunks function in version 5.0 - 5.0.5 when bundled with the PrintSpace theme and all versions up to, and including,...

HDF5 资源管理错误漏洞

HDF5 is a library of HDF open source . A security vulnerability exists in HDF5 version 1.14.6, which stems from a confusion about the instruction in the function H5FLreggclist in the file src/H5FL.c that is responsible for freeing memory. An attacker can exploit this vulnerability to potentially...

PT-2025-27188 · WordPress · Category Slider For Woocommerce

Name of the Vulnerable Software and Affected Versions: WPB Category Slider for WooCommerce versions 1.71 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...

CVE-2025-5995

CVE-2025-5995 affects Canon EOS Webcam Utility Pro for macOS, with versions 2.3d (2.3.29) and earlier vulnerable due to improper directory permissions. An attacker with administrator privileges could modify the target directory, potentially enabling code execution and privilege escalation. Mitiga...

PT-2025-26822 · WordPress · Everest Forms

Name of the Vulnerable Software and Affected Versions: The Everest Forms Pro plugin for WordPress versions up to, and including, 1.9.4 Description: The issue is related to insufficient file path validation in the delete entry files function, allowing unauthenticated attackers to delete arbitrary...

CVE-2025-52568 NeKernal Multiple Memory Corruption Vulnerabilities in mkfs.hefs

NeKernal is a free and open-source operating system stack. Prior to version 0.0.3, there are several memory safety issues that can lead to memory corruption, disk image corruption, denial of service, and potential code execution. These issues stem from unchecked memory operations, unsafe...

PT-2025-26712 · WordPress · The Aiomatic

Name of the Vulnerable Software and Affected Versions: The Aiomatic - Automatic AI Content Writer & Editor plugin for WordPress versions up to, and including, 2.5.0 Description: The issue allows for arbitrary file uploads due to missing file type validation in the aiomatic image editor ajax submi...

PT-2025-26781 · Komga · Komga

Name of the Vulnerable Software and Affected Versions: Komga versions 1.8.0 through 1.21.3 Description: A Cross-Site Scripting XSS issue has been found in Komga when serving EPUB resources. This allows an attacker to perform actions on the victim's behalf. If an admin user is targeted, it can be...

GHSA-QH58-9V3J-WCJC Mattermost allows authenticated users to write files to arbitrary locations

Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequence...

PT-2025-25642

Name of the Vulnerable Software and Affected Versions Drag and Drop Multiple File Upload for Contact Form 7 versions 1.3.8.9 and earlier Description The issue is related to insufficient file type validation, allowing unauthenticated attackers to bypass the plugin's blacklist and upload dangerous...