33 matches found
EUVD-2025-28525
Malicious code in bioql PyPI...
EUVD-2025-28037
Malicious code in bioql PyPI...
EUVD-2025-28540
Malicious code in bioql PyPI...
CVE-2025-52460
Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If exploited, uploaded files and SS1 configuration files may be accessed by a remote unauthenticated attacker...
CVE-2025-54819
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker...
CVE-2025-54762
SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges...
CVE-2025-58081
Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier allows a remote unauthenticated attacker to view arbitrary files with root privileges...
CVE-2025-58072
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, arbitrary files may be viewed by a remote unauthenticated attacker...
CVE-2025-54819
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker...
CVE-2025-58081
CVE-2025-58081 affects SS1 software (SS1 Ver.16.0.0.10 and earlier; Media version:16.0.0a and earlier). The issue is use of a hard-coded password, enabling a remote unauthenticated attacker to view arbitrary files with root privileges. Public disclosures across NVD, Red Hat, JVN and related recor...
CVE-2025-58081
Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier allows a remote unauthenticated attacker to view arbitrary files with root privileges...
CVE-2025-58072
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, arbitrary files may be viewed by a remote unauthenticated attacker...
CVE-2025-58072
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, arbitrary files may be viewed by a remote unauthenticated attacker...
CVE-2025-54819
CVE-2025-54819 is a path-traversal vulnerability in SS1 (DOS Co.) SS1 versions 16.0.0.10 and earlier (Media 16.0.0a and earlier). An authenticated remote attacker could overwrite legitimate files due to improper pathname restriction. Public sources (Red Hat, NVD, JVN, CVE lists, PT-Security, CNNV...
CVE-2025-54819
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker...
CVE-2025-54762
SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges...
CVE-2025-54762
CVE-2025-54762 affects SS1 and its Media version (SS1 Ver.16.0.0.10 and earlier; Media 16.0.0a and earlier). The vulnerability enables a remote, unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges. Connected sources additionally map this to multiple S...
CVE-2025-53396
Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier, which may allow users who can log in to a client terminal to obtain root privileges...
CVE-2025-53396
Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier, which may allow users who can log in to a client terminal to obtain root privileges...
PT-2025-34975
Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier Description: SS1 versions 16.0.0.10 and earlier Media version 16.0.0a and earlier allow a remote, unauthenticated attacker to upload arbitrary files and execute OS...