840 matches found
MAL-2025-20688 Malicious code in flat-glob (npm)
The package flat-glob was found to contain malicious code...
TencentOS Server 3: nodejs-nodemon (TSSA-2023:0048)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
@actions-for-rust/core (>=0.1.6 <=0.1.8), @actions-rs-plus/core (>=0.0.0 <=0.7.5) +127 more potentially affected by CVE-2025-5890 via @actions/glob (>=0.1.2 <=0.7.0)
@actions/glob NPM version =0.1.2, =0.1.6, =0.0.0, =0.1.0, =1.0.1-2a6268e89ea5fbc66dadd1d897cac75b3f0a63e4.0, =0.1.0, =1.0.0, =4.0.0, =3.2.5, =1.1.0, =3.2.2, =2.0.0, =2.0.3 and more Source cves: CVE-2025-5890 Source advisory: SNYK:JS-ACTIONSGLOB-11484208...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the globEscape function. An attacker can send specially crafted inputs that exploit inefficient regular expression complexity. Details: Denial of Service (DoS) describes a family of attacks...
CVE-2025-5890
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate...
CVE-2025-5890 actions toolkit glob internal-pattern.ts globEscape redos
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate...
CVE-2025-4790
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790 FreeFloat FTP Server GLOB Command buffer overflow
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790
CVE-2025-4790 — FreeFloat FTP Server 1.0 is affected by a vulnerability in the GLOB Command Handler that allows a remote buffer overflow. The PT-Security report confirms a critical issue in the GLOB Command Handler with remote exploitation; no patch/version remediation details are provided in the...
FreeFloat FTP Server Security Vulnerability
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the GLOB Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
PT-2025-21741 · Unknown · Freefloat Ftp Server
Name of the Vulnerable Software and Affected Versions: FreeFloat FTP Server version 1.0 Description: A critical issue was found in the GLOB Command Handler component, leading to a buffer overflow. This can be exploited remotely. The issue has been publicly disclosed. Recommendations: For FreeFloa...
PCMan FTP Server 'GLOB' Buffer Overflow Vulnerability
PCMan FTP Server is an open-source FTP server software package from PCMan. A buffer overflow vulnerability exists in PCMan FTP Server 'GLOB', which originates from the GLOB command handler failing to properly validate the length and size of input data, and can be exploited by an attacker to execute...
vscode -- security feature bypass vulnerability
VSCode developers report: A security feature bypass vulnerability exists in VS Code 1.100.0 and earlier versions where a maliciously crafted URL could be considered trusted when it should not have due to how VS Code handled glob patterns in the trusted domains feature. When paired with the fetch...
The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries during the processing of the glob parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...
CVE-2025-4159
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...
CVE-2025-4159
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...
CVE-2025-4159 PCMan FTP Server GLOB Command buffer overflow
A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component GLOB Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been...
CVE-2025-4159
CVE-2025-4159 affects PCMan FTP Server up to 2.0.7. The GLOB Command Handler allows a remote buffer overflow leading to arbitrary code execution or DoS. Exploitation information is publicly disclosed. Some sources (PT-2025-18377) recommend disabling the GLOB Command Handler until a fix is availab...
PCMan FTP Server Security Vulnerability
PCMan FTP Server is an open-source FTP server software package from PCMan. A buffer overflow vulnerability exists in PCMan FTP Server 'GLOB', which originates from the GLOB command handler failing to properly validate the length and size of input data, and can be exploited by an attacker to execute...