14 matches found
SUSE CVE-2026-46161
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix divide-by-zero in setupgeo with zero farcopies setupgeo extracts nearcopies nc and farcopies fc from the user-provided layout parameter without checking for zero. When fc=0 with the "improved" far set layout...
CVE-2025-70083
An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OSMAXPATHLEN. If the length of DirName i...
EUVD-2025-25392
Malicious code in bioql PyPI...
CVE-2025-20131
A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...
CVE-2025-20131
CVE-2025-20131 affects Cisco Identity Services Engine (ISE) GUI. Root cause: improper validation of the file copy function, enabling an authenticated, remote attacker with administrative privileges to upload arbitrary files to an affected device via a crafted file upload in the ISE GUI. CVSS v3.1...
CVE-2025-20131 Cisco Identity Services Engine Arbitrary File Upload Vulnerability
A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...
Cisco Identity Services Engine Arbitrary File Upload Vulnerability
A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this...
PT-2025-34115 · Cisco · Cisco Identity Services Engine
Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine affected versions not specified Description: A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an...
Cisco Identity Services Engine (cisco-sa-ise-file-upload-qksX6C8g)
According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the GUI of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to...
SUSE CVE-2025-38090
In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...
CVE-2025-20130
A vulnerability in the API of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy...
PT-2018-16885 · Podofo +4 · Podofo +4
Name of the Vulnerable Software and Affected Versions: PoDoFo version 0.9.5 Description: The issue arises from improper validation of memcpy arguments in the PdfMemoryOutputStream::Write function. This could allow remote attackers to cause a denial-of-service or possibly other unspecified impacts...
CVE-2017-8699
Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows...
Security update for the Windows shell remote code execution vulnerability in Windows Server 2008: September 12, 2017
Security update for the Windows shell remote code execution vulnerability in Windows Server 2008: September 12, 2017 Summary A remote code execution vulnerability exists when Windows Shell does not properly validate file copy destinations. To learn more about the vulnerability, see CVE-2017-8699...