CVE-2025-66593

An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

CVE-2026-24765

A flaw was found in PHPUnit, a testing framework for PHP. This vulnerability involves unsafe deserialization of code coverage data during PHPT test execution. An attacker with local file write access can exploit this by placing a malicious serialized object into the file system. This can lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-24765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe...

GHSA-VVJ3-C3RP-C85P PHPUnit Vulnerable to Unsafe Deserialization in PHPT Code Coverage Handling

Overview A vulnerability has been discovered involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserializes code coverage files without validation, potentially allowing remote code execution if malicious...

CVE-2026-24765

PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...

CVE-2026-24765

PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in the cleanupForCoverage method, which deserialize...

Security Advisory EPM November 2025 for EPM 2024

Summary Ivanti has released updates for Ivanti Endpoint Manager which addresses three high vulnerabilities. Successful exploitation could allow a local authenticated attacker to write arbitrary files anywhere on disk. Two of the resolved vulnerabilities, CVE-2025-9713 and CVE-2025-11622, were...

EUVD-2016-6204

Malware in sbrugna...

EUVD-2018-0670

Malware in sbrugna...

EUVD-2018-0570

Malware in sbrugna...

EUVD-2015-7658

Malware in sbrugna...

EUVD-2024-18519

Malicious code in bioql PyPI...

EUVD-2022-5711

Malicious code in bioql PyPI...

EUVD-2022-28209

Malicious code in bioql PyPI...

CVE-2025-50817

Removed by vendor...

NewStart CGSL MAIN 7.02 : cpio Vulnerability (NS-SA-2025-0164)

The remote NewStart CGSL host, running version MAIN 7.02, has cpio packages installed that are affected by a vulnerability: - cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. CVE-2015-1197 Note...

VulnCheck KEV: CVE-2025-35939

Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a known local file location on the server. This vulnerability could be chained with...

SUSE CVE-2019-11249

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user's machine. If the tar binary in the container is...

K17212: PHP vulnerability CVE-2014-5459

Security Advisory Description The PEARREST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a 1 rest.cachefile or 2 rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions...

SUSE CVE-2014-5459

The PEARREST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a 1 rest.cachefile or 2 rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions...