15898 matches found

OSV | added 2025/10/27 8:19 p.m. | 4 views

GHSA-GV8H-7V7W-R22Q Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker-supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

CVSS 8.9 | AI score 6.8 | EPSS 0.13848
Exploits 0 | References 4
Github Security Blog | added 2025/10/27 8:19 p.m. | 10 views

Docker Compose Vulnerable to Path Traversal via OCI Artifact Layer Annotations

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker-supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

CVSS 8.9 | AI score 6.8 | EPSS 0.13848
Exploits 0 | References 4 | Affected Software 1
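The two entries above describe the bug as a join of an attacker-controlled annotation value onto a local cache directory with no check on where the result lands. The following is an added example, not Docker Compose's own code, showing that unchecked join next to a hardened version: it rejects absolute paths and ".." climbs lexically, and, if the target already exists inside the cache, resolves symlinks and re-checks so a planted link cannot redirect the write. The cache location, the annotation values and the function names are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideCache is returned when a remote-supplied path would resolve
// outside the local cache directory.
var ErrOutsideCache = errors.New("path escapes cache directory")

// unsafeJoin is the pattern the advisory describes: the annotation value is
// joined to the cache directory and the result is used as-is.
func unsafeJoin(cacheDir, annotated string) string {
	return filepath.Join(cacheDir, annotated)
}

// within reports whether p (absolute, cleaned) is root itself or lies below it.
func within(root, p string) bool {
	rel, err := filepath.Rel(root, p)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// safeJoin joins an untrusted, annotation-supplied path to cacheDir and
// refuses anything that would land outside cacheDir: absolute paths, Windows
// volume names, ".." segments that climb past the root, and (when the target
// already exists) symlinks that point out of the cache.
func safeJoin(cacheDir, annotated string) (string, error) {
	if annotated == "" {
		return "", errors.New("empty path")
	}
	if filepath.IsAbs(annotated) || filepath.VolumeName(annotated) != "" {
		return "", ErrOutsideCache
	}
	root, err := filepath.Abs(cacheDir)
	if err != nil {
		return "", err
	}
	full := filepath.Join(root, annotated) // Join cleans, so ".." is folded here
	if !within(root, full) {
		return "", ErrOutsideCache
	}
	// Lexical checks cannot see symlinks. If the target exists, for instance
	// because an earlier layer of the same artifact wrote it, resolve it and
	// re-check against the resolved root.
	if resolved, err := filepath.EvalSymlinks(full); err == nil {
		realRoot, err := filepath.EvalSymlinks(root)
		if err != nil {
			return "", err
		}
		if !within(realRoot, resolved) {
			return "", ErrOutsideCache
		}
	}
	return full, nil
}

func main() {
	cache := "/home/user/.docker/compose/cache" // hypothetical cache location
	for _, v := range []string{ // constructed annotation values
		"override.yml",
		"sub/../base.yml",
		"../../../../../../etc/passwd",
		"/etc/passwd",
	} {
		safe, err := safeJoin(cache, v)
		fmt.Printf("%-32q unsafe=%-40s safe=%q err=%v\n", v, unsafeJoin(cache, v), safe, err)
	}
}
```

The symlink re-check only helps when the target already exists; for a fresh write the lexical check is what matters, and the write itself should then use O_EXCL or a per-artifact directory so a later layer cannot swap the file for a link. The same check applies to any relative path taken from an archive or manifest, not only to these annotations.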
CNNVD | added 2025/10/27 12:00 a.m. | 5 views

Docker Compose path traversal vulnerability

Docker Compose is an open source Docker tool for defining and running multi-container applications. A path traversal vulnerability exists in Docker Compose that stems from trusting path information in a remote OCI compose artifact, which could allow an attacker to escape the cache directory...

CVSS 8.9 | AI score 9 | EPSS 0.13848
Exploits 0 | References 2
Tenable Nessus | added 2025/10/25 12:00 a.m. | 2 views

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2025:3782-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3782-1 advisory. - CVE-2025-9566: fixed a case when the kube play command could overwrite host files (bsc#1249154). Tenable has extracted the precedin...

CVSS 8.1 | AI score 7.3 | EPSS 0.01008
Exploits 0 | References 4
Tenable Nessus | added 2025/10/24 12:00 a.m. | 3 views

EulerOS 2.0 SP13 : vim (EulerOS-SA-2025-2314)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim's tar.vim plugin can allow overwriting of...

CVSS 4.1 | AI score 7.2 | EPSS 0.00731
Exploits 2 | References 3
Tenable Nessus | added 2025/10/24 12:00 a.m. | 4 views

EulerOS 2.0 SP13 : git (EulerOS-SA-2025-2256)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command...

CVSS 8.6 | AI score 7.7 | EPSS 0.02775
Exploits 9 | References 6
OSV | added 2025/10/23 10:08 a.m. | 4 views

CLSA-2025-1761214095 qemu-kvm: Fix of CVE-2023-5088

CVE-2023-5088: fix incorrect guest I/O redirection to offset 0 that could allow data overwrite at LBA 0 and potential VM escape...

CVSS 7 | AI score 6.8 | EPSS 0.00231
Exploits 0 | References 1
Tenable Nessus | added 2025/10/23 12:00 a.m. | 4 views

Debian dsa-6035 : internetarchive - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6035 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6035-1 [email protected] https://www.debian.org/security/...

CVSS 9.4 | AI score 5.5 | EPSS 0.01414
Exploits 0 | References 5
SUSE Linux | added 2025/10/22 12:51 p.m. | 8 views

Security update for podman

This update for podman fixes the following issues: CVE-2025-9566: Fixed the kube play command overwriting host files (bsc#1249154). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online update or "zypper patch". Alternatively you can run the command...

CVSS 9 | AI score 7 | EPSS 0.01008
Exploits 0 | References 12
Tenable Nessus | added 2025/10/22 12:00 a.m. | 4 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2025:0821)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0821 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 8.1 | AI score 5.7 | EPSS 0.01008
Exploits 0 | References 2
Snyk | added 2025/10/21 6:04 p.m. | 1 view

Use of a Cryptographic Primitive with a Risky Implementation

Overview Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation in the handling of precompiles in the BalanceHandler that can cause prevEventsLen to be overwritten. An attacker can compromise the integrity or confidentiality of the system ...

CVSS 9.3 | AI score 6.7
Exploits 0 | References 3
CVE | added 2025/10/21 1:14 p.m. | 8 views

CVE-2025-11624

CVE-2025-11624 affects wolfSSH (SFTP server side) in wolfSSL. A stack buffer overwrite can occur when processing a malicious SFTP packet whose handle size is larger than the system handle or FD size but smaller than the maximum allowed handle size. The vulnerability is described across multiple s...

CVSS 9.8 | AI score 6.8 | EPSS 0.00334
Exploits 0 | References 1 | Affected Software 1
Vulnrichment | added 2025/10/21 1:14 p.m. | 9 views

CVE-2025-11624 Buffer overwrite when processing file handles with the SFTP server

Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than the max handle size allowed...

CVSS 1.8 | AI score 6.8 | EPSS 0.00334
Exploits 0 | References 1
Positive Technologies | added 2025/10/21 12:00 a.m. | 7 views

PT-2025-42885

Name of the Vulnerable Software and Affected Versions: versions prior to 2.3. Description: A stack buffer overwrite can occur on the SFTP server side when receiving a malicious packet. The issue arises when the packet's handle size exceeds the system handle or file descriptor size, but remains withi...

CVSS 9.8 | AI score 6.6 | EPSS 0.00334
Exploits 0 | References 5
RedhatCVE | added 2025/10/20 6:23 p.m. | 2 views

CVE-2025-62511

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

CVSS 6.3 | AI score 6.5 | EPSS 0.00101
Exploits 0 | References 1
Debian | added 2025/10/20 4:02 p.m. | 6 views

[SECURITY] [DSA 6029-1] ark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6029-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 20, 2025 https://www.debian.org/security/faq -...

CVSS 5 | AI score 6.8 | EPSS 0.0026
Exploits 0
NVD | added 2025/10/17 8:15 p.m. | 4 views

CVE-2025-62511

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

CVSS 6.3 | EPSS 0.00101
Exploits 0 | References 2
EUVD | added 2025/10/17 7:55 p.m. | 4 views

EUVD-2025-34935

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

CVSS 6.3 | AI score 6 | EPSS 0.00101
Exploits 0 | References 2
Cvelist | added 2025/10/17 7:55 p.m. | 8 views

CVE-2025-62511 yt-grabber-tui local arbitrary file overwrite via TOCTOU race in config file creation

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

CVSS 6.3 | EPSS 0.00101
Exploits 0 | References 2
Vulnrichment | added 2025/10/17 7:55 p.m. | 2 views

CVE-2025-62511 yt-grabber-tui local arbitrary file overwrite via TOCTOU race in config file creation

yt-grabber-tui is a C++ terminal user interface application for downloading YouTube content. yt-grabber-tui version 1.0 contains a Time-of-Check to Time-of-Use (TOCTOU) race condition (CWE-367) in the creation of the default configuration file config.json. In version 1.0, loadjsonsettings in...

CVSS 6.3 | AI score 6.2 | EPSS 0.00101
Exploits 0 | References 2
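The CVE-2025-62511 entries above describe a check-then-create race on a default config file that ends in a local arbitrary file overwrite. The following is an added example, not yt-grabber-tui's code, that reproduces the racy pattern beside the fix. It assumes the classic way such a race is won, a symlink planted at the config path between the existence check and the write, which the entries do not spell out; the config content, file names and the between() hook that stands in for the attacker's move are constructed for the demonstration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// defaultConfig is constructed sample content; the real file's keys are not on the page.
const defaultConfig = "{\"download_dir\": \"~/Downloads\"}\n"

// createConfigRacy reproduces the check-then-create pattern: stat, then write.
// between is a hook standing in for whatever a local attacker does in the
// window between the two calls (in real life a tight loop, here deterministic).
func createConfigRacy(path string, between func()) error {
	_, err := os.Stat(path)
	if err == nil {
		return nil // already present
	}
	if !errors.Is(err, os.ErrNotExist) {
		return err
	}
	if between != nil {
		between()
	}
	// os.WriteFile opens with O_CREATE|O_TRUNC and follows symlinks: a link
	// planted in the window makes this truncate and overwrite its target.
	return os.WriteFile(path, []byte(defaultConfig), 0o600)
}

// createConfigAtomic closes the window. O_CREATE|O_EXCL makes open(2) fail with
// EEXIST if anything already exists at path, including a symlink (even a
// dangling one), so there is no check-then-act gap for an attacker to race.
func createConfigAtomic(path string, between func()) error {
	if between != nil {
		between() // same hook; the planted link is now caught, not followed
	}
	f, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
	if errors.Is(err, os.ErrExist) {
		if fi, lerr := os.Lstat(path); lerr == nil && fi.Mode()&os.ModeSymlink != 0 {
			return fmt.Errorf("refusing to use %s: it is a symlink", path)
		}
		return nil // a real config already exists; leave it alone
	}
	if err != nil {
		return err
	}
	defer f.Close()
	_, err = f.WriteString(defaultConfig)
	return err
}

// plantSymlink returns a hook that links cfg to victim, i.e. the attacker winning the race.
func plantSymlink(cfg, victim string) func() {
	return func() { _ = os.Symlink(victim, cfg) }
}

type demoResult struct {
	VictimAfterRacy   string // victim file content after the racy create
	VictimAfterAtomic string // victim file content after the O_EXCL create
	AtomicErr         error  // what the hardened version reports
}

// demo runs both variants against a victim file inside dir and reports the outcome.
func demo(dir string) (demoResult, error) {
	var r demoResult
	victim := filepath.Join(dir, "victim.txt")
	original := []byte("original\n")
	for _, sub := range []string{"racy", "atomic"} {
		if err := os.MkdirAll(filepath.Join(dir, sub), 0o700); err != nil {
			return r, err
		}
	}
	if err := os.WriteFile(victim, original, 0o600); err != nil {
		return r, err
	}
	racyCfg := filepath.Join(dir, "racy", "config.json")
	if err := createConfigRacy(racyCfg, plantSymlink(racyCfg, victim)); err != nil {
		return r, err
	}
	b, err := os.ReadFile(victim)
	if err != nil {
		return r, err
	}
	r.VictimAfterRacy = string(b)
	if err := os.WriteFile(victim, original, 0o600); err != nil { // reset
		return r, err
	}
	atomicCfg := filepath.Join(dir, "atomic", "config.json")
	r.AtomicErr = createConfigAtomic(atomicCfg, plantSymlink(atomicCfg, victim))
	if b, err = os.ReadFile(victim); err != nil {
		return r, err
	}
	r.VictimAfterAtomic = string(b)
	return r, nil
}

func main() {
	dir, err := os.MkdirTemp("", "toctou-demo")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	r, err := demo(dir)
	if err != nil {
		panic(err)
	}
	fmt.Printf("racy:   victim now %q\n", r.VictimAfterRacy)
	fmt.Printf("atomic: victim now %q, err=%v\n", r.VictimAfterAtomic, r.AtomicErr)
}
```

The point of the hardened version is that the existence test and the creation are one system call, so the outcome no longer depends on scheduling. Writing the defaults into a per-user directory with 0700 permissions removes the attacker's ability to plant anything there in the first place, and is the other half of the fix.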