Lucene search
+L

413 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.16 views

EUVD-2025-31342

Malicious code in bioql PyPI...

7CVSS6.6AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-21003

Malicious code in bioql PyPI...

8.6CVSS9.1AI score0.00261EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/10/01 11:10 p.m.8 views

sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

...

4.4CVSS7AI score0.0034EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/27 12:52 p.m.16 views

CVE-2025-9267

In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in the same directory ...

7CVSS7.8AI score0.00236EPSS
Exploits0References1
NVD
NVD
added 2025/09/26 1:15 p.m.36 views

CVE-2025-9267

In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in the same directory ...

7CVSS0.00236EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/26 12:27 p.m.3 views

CVE-2025-9267

In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in the same directory ...

7CVSS7.5AI score0.00236EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/26 12:0 a.m.11 views

PT-2025-39638

Name of the Vulnerable Software and Affected Versions Seagate Toolkit versions prior to 2.35.0.6 Description The software attempts to load DLLs from the current working directory without validating their origin or integrity. This can be exploited by placing a malicious DLL in the same directory a...

7CVSS7.6AI score0.00236EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/09/18 6:41 p.m.13 views

CVE-2025-47906 Unexpected paths returned from LookPath in os/exec

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

0.00489EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2025/09/04 3:26 a.m.9 views

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

...

6.9CVSS7AI score0.00946EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-21237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file ...

10CVSS8.4AI score0.82715EPSS
Exploits14References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-30673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can...

6.5CVSS7AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-40590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after...

7.8CVSS7.2AI score0.00465EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/07/09 11:22 p.m.2 views

SUSE CVE-2025-46334

Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...

8.6CVSS6.7AI score0.00261EPSS
Exploits0References4
OSV
OSV
added 2025/06/20 12:42 p.m.3 views

SUSE-SU-2025:02051-1 Security update for perl

This update for perl fixes the following issues: - CVE-2025-40909: do not change the current directory when cloning an open directory handle bsc1244079...

5.9CVSS7.1AI score0.0037EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:40 a.m.8 views

CVE-2010-5259

Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow local users to gain privileges via a Trojan horse 1 wnaspi32.dll or 2 ntaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .img file. NOTE: the provenance of this information is...

6.9CVSS6.9AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:31 a.m.5 views

CVE-2010-5223

Multiple untrusted search path vulnerabilities in Phoenix Project Manager 2.1.0.8 allow local users to gain privileges via a Trojan horse 1 wbtrv32.dll or 2 w3btrv7.dll file in the current working directory, as demonstrated by a directory that contains a .ppx file. NOTE: some of these details are...

6.9CVSS7.2AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:15 a.m.8 views

CVE-2010-5219

Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .html, or .mpg file. NOTE: some of these details are obtained from third party...

6.9CVSS7AI score0.00347EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Ensure That the PATH User Variable Is Strictly Defined

In Linux, the PATH variable defines the path for searching for executable files in the user context of the current user. For example, if a user runs the ls command in any directory, the system searches for the ls command in the directories specified by PATH and executes the command. The PATH...

7.4AI score
Exploits0References4
OSV
OSV
added 2025/04/01 3:15 a.m.6 views

DEBIAN-CVE-2025-30673

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

6.5CVSS5.4AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2025/04/01 3:15 a.m.5 views

UBUNTU-CVE-2025-30673

Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code...

6.5CVSS5.8AI score0.00392EPSS
Exploits0References6
Rows per page
Query Builder