PT-2025-47808

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.16 Description PJSIP is a multimedia communication library. Versions before 2.16 may experience a memory overwrite issue when using the Opus audio codec in receiving direction. This occurs because Opus PLC may zero-fi...

PT-2025-47796

Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service...

WordPress Code Snippets plugin code injection vulnerability

WordPress Code Snippets plugin is a plugin designed for WordPress to conveniently add and manage custom code snippets without having to directly modify the theme files. The WordPress Code Snippets plugin suffers from a code injection vulnerability that stems from the evaluateshortcodefromflatfile...

Slackware: Security Advisory (SSA:2025-324-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TencentOS Server 4: rsync (TSSA-2025:0082)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0082 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 2: thunderbird (TSSA-2024:0132)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0132 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CLSA-2025-1763558418 xorg-x11-server-Xwayland: Fix of CVE-2023-6377

CVE-2023-6377: fix buffer overwrite caused by allocating too few XkbActions for device buttons, preventing writes past the intended action array...

CVE-2025-41736

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...

PT-2025-47479

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated prompt upload endpoint at AudioCodes files/utils/IVR/diagram/ajaxPromptUploadFile.php. The script accepts an uploaded file an...

CVE-2025-41736

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...

libtiff: Libtiff Write-What-Where

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

Whose Narrative Is It Anyway? A KV Cache Manipulation Attack

The Key ValueKV cache is an important component for efficient inference in autoregressive Large Language Models LLMs, but its role as a representation of the model's internal state makes it a potential target for integrity attacks. This paper introduces "History Swapping," a novel block-level...

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2020-8177)

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2020-12062)

The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...

MAL-2025-180238 Malicious code in teate-thy-sonic-cekwo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0648d54538e5f94a871a56fe1979cac9aadaa55e572d90834272f13605d73fe3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes A bad USB device is able to construct a service connection response message with target endpoint being ENDPOINT0 which is reserved for HTCCTRLRSVDSVC and should not be...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2025-2376)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : vim (EulerOS-SA-2025-2376)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vims tar.vim plugin can allow overwriting of...

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...