CLSA-2025-1765208529 vim: Fix of 2 CVEs

CVE-2025-53906: drop leading ../ on write of zipfiles, don't forcefully overwrite existing files - CVE-2025-29768: use glob '-' to protect filenames starting with '-'...

📄 DNN Platform Pre‑10.1.1 Arbitrary File Upload

DNN Platform version Pre‑10.1.1 suffers from an unauthenticated arbitrary file upload vulnerability. This software was formerly known as DotNetNuke. ============================================================================================================================================= | Titl...

CVE-2025-13620

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to missing authorization in versions up to, and including, 3.1.3. This is due to the REST routes wslu/v1/checkcache/type, wslu/v1/savecache/type, and wslu/v1/settings/clearcountercache being registered with...

CVE-2025-54307

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The pluploadfileupload function handles these fil...

EUVD-2025-201405

The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to missing authorization in versions up to, and including, 3.1.3. This is due to the REST routes wslu/v1/checkcache/type, wslu/v1/savecache/type, and wslu/v1/settings/clearcountercache being registered with...

WordPress plugin Wp Social Login and Register Social Counter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security vulnerability...

CVE-2025-54307

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The pluploadfileupload function handles these fil...

CVE-2025-54307

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The pluploadfileupload function handles these fil...

EUVD-2025-201174

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The pluploadfileupload function handles these fil...

PT-2025-49044

Name of the Vulnerable Software and Affected Versions Thermo Fisher Torrent Suite version 5.18.1 Description The Django application within Thermo Fisher Torrent Suite has a flaw related to file uploads. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ API...

BIT-NGINX-GATEWAY-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

Oracle Linux 9 : podman (ELSA-2025-20909)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20909 advisory. - fixes 'CVE-2025-9566 podman: Podman kube play command may overwrite host files rhel-9.7' Tenable has extracted the preceding description block...

Directory Traversal

Overview @fastify/reply-from is a forward your HTTP request to another server, for fastify Affected versions of this package are vulnerable to Directory Traversal via the reply.from function. An attacker can access unauthorized routes by crafting a malicious URL containing encoded directory...

EUVD-2025-200074

express improperly controls modification of query properties...

PUB-A-445162487

In tracepointmsghandler of cpm/google/lib/tracepoint/tracepointipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Linux Distros Unpatched Vulnerability : CVE-2025-55174

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the...

container-tools:rhel8 security update

An update is available for module.crun, fuse-overlayfs, module.slirp4netns, python-podman, module.runc, container-selinux, module.podman, module.udica, module.aardvark-dns, module.fuse-overlayfs, cockpit-podman, aardvark-dns, module.conmon, containers-common, libslirp, criu,...

CVE-2025-55174

A flaw was found in Skanpage. This vulnerability allows an attacker to partially overwrite files, resulting in a file containing new content followed by partial old content, due to incorrect use of QIODevice::ReadWrite instead of QODevice::WriteOnly...

CVE-2025-66262

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive...

Keyless Entry: Breaking and Entering EMMC RPMB with EMFI

The Replay Protected Memory Block RPMB in modern storage systems provides a secure area where data integrity is ensured by authentication. This block is used in digital devices to store pivotal information that must be safeguarded against modification by potential attackers. This paper targets th...