15898 matches found
CVE-2025-55174
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
CVE-2025-55174
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
UBUNTU-CVE-2025-55174
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
CVE-2025-66262
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive...
CVE-2025-66262 Arbitrary File Overwrite via Tar Extraction Path Traversal
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive...
CVE-2025-66262 Arbitrary File Overwrite via Tar Extraction Path Traversal
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive...
EUVD-2025-199671
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform Tar extraction with -C / allow arbitrary file overwrite via crafted archive...
CVE-2025-66262
CVE-2025-66262 affects DB Electronica Mozart FM Transmitter series (versions 30–7000). The root cause is tar extraction using -C / in restore_mozzi_memories.sh, which writes extracted files to the filesystem root without path validation. When combined with unauthenticated file upload vulnerabilit...
CVE-2025-55174
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
PT-2025-48116
Name of the Vulnerable Software and Affected Versions DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30 through 7000 Description A flaw exists that allows arbitrary file overwrites through a Tar extraction path traversal. The restore mozzi memories.sh script extracts...
DB Electronica Mozart FM Transmitter 安全漏洞
The DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from the Italian company DB Electronica. A security vulnerability exists in DB Electronica Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 that originates fr...
CVE-2025-55174
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
PT-2025-48127
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
CVE-2025-55174
CVE-2025-55174 affects KDE Skanpage prior to 25.08.0. The issue is a file-overwrite condition caused by using QIODevice::ReadWrite instead of QODevice::WriteOnly, which can cause the new file’s contents to appear at the start followed by partial old contents at the end. The vulnerability is local...
EUVD-2025-199713
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
Oracle Linux 9 : podman (ELSA-2025-21702)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21702 advisory. - fixes 'Minor Incident CVE-2025-52881 podman: container escape and denial of service due to arbitrary write gadgets and procfs write redirects rhel-9.7.z' -...
CVE-2025-55174
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the new file at the beginning followed by the partial contents of the old file at the end, because of use of QIODevice::ReadWrite instead of QODevice::WriteOnly...
CVE-2025-65102
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...
AlmaLinux 9 : podman (ALSA-2025:20909)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20909 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted t...
AlmaLinux 10 : podman (ALSA-2025:20983)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20983 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted...