91 matches found
CVE-2025-49642
CVE-2025-49642 affects the Zabbix Agent for AIX. The issue is an insecure library search path that could allow a local attacker with write access to /home/cecuser to hijack library loading, enabling partial impact on confidentiality/integrity/availability as described in the sources. No patch/ver...
PT-2025-47477
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodes files/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-suppli...
CVE-2025-34323
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...
CVE-2025-62225
The vulnerability CVE-2025-62225 affects Sony Optical Disc Archive Software (Windows). The root cause is an unquoted Windows service path, which allows a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. Affected component is the Windows service reg...
EUVD-2008-6035
Malware in sbrugna...
EUVD-2025-29685
Malicious code in bioql PyPI...
EUVD-2025-13039
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-11319
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root...
CVE-2025-57699
The vulnerability CVE-2025-57699 affects Western Digital Kitfox for Windows. The issue is an unquoted file path in a Windows service, enabling a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. Root cause: unquoted service path. Affected products/v...
CVE-2025-37775
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from kernelwriteiter 2110.972290 ------------ cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch doesn't allow writing to directory...
AZL-77567 CVE-2025-37775 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from kernelwriteiter 2110.972290 ------------ cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch doesn't allow writing to directory...
UBUNTU-CVE-2025-37775
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from kernelwriteiter 2110.972290 ------------ cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch doesn't allow writing to directory...
CVE-2025-37775
CVE-2025-37775 affects the Linux kernel in the ksmbd component. The issue centers on a warning in __kernel_write_iter that could relate to directory write attempts; the patch stabilizes behavior by not allowing writes to directories, as described in the initial advisory. The vulnerability is addr...
CVE-2025-37775 ksmbd: fix the warning from __kernel_write_iter
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from kernelwriteiter 2110.972290 ------------ cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch doesn't allow writing to directory...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not allowing directory writes...
Path Traversal
github.com/hashicorp/nomad is vulnerable to path traversal. The vulnerability is due to there is no proper validation / sanitization during archive unpacking, which allows attackers to craft malicious archives that can write files outside the intended allocation directory...
DEBIAN-CVE-2024-41030
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open mayopen does not allow a directory to be opened with the write access. However, some writing flags set by client result in adding write access on server, making ksmbd incompatible...
CVE-2024-41030 ksmbd: discard write access to the directory open
In the Linux kernel, the following vulnerability has been resolved: ksmbd: discard write access to the directory open mayopen does not allow a directory to be opened with the write access. However, some writing flags set by client result in adding write access on server, making ksmbd incompatible...
PT-2024-28627 · Bert-Vits · Bert-Vits
Name of the Vulnerable Software and Affected Versions: Bert-VITS2 versions 2.3 and earlier Description: The issue is related to the data dir variable, where user input is concatenated with other folders and used to open a new file in the generate config function, leading to a limited file write...
PT-2024-29211
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.43 Description The issue is related to the ksmbd component in the Linux kernel, where the may open function does not allow a directory to be opened with write access. However, some writing flags set by the...