EUVD-2023-51282
Malicious code in bioql PyPI...
EUVD-2024-34586
Malicious code in bioql PyPI...
EUVD-2022-6821
Malicious code in bioql PyPI...
EUVD-2023-12816
Malicious code in bioql PyPI...
EUVD-2022-33211
Malicious code in bioql PyPI...
EUVD-2023-1301
Malicious code in bioql PyPI...
EUVD-2025-27030
Malicious code in bioql PyPI...
EUVD-2024-22895
Malicious code in bioql PyPI...
EUVD-2023-3236
Malicious code in bioql PyPI...
EUVD-2022-25192
Malicious code in bioql PyPI...
CVE-2025-61593 Cursor CLI Agent: Sensitive File Overwrite Bypass
Cursor is a code editor built for programming with AI. In versions 1.7 and below, a vulnerability in the way Cursor CLI Agent protects its sensitive files i.e. /.cursor/cli.json allows attackers to modify the content of the files through prompt injection, thus achieving remote code execution. A...
CVE-2025-61588
CVE-2025-61588 affects risc0-zkvm-platform (<= 2.0.2), risc0-aggregation (<0.9), risc0-zkos-v1compat (
The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the Bulk User Import endpoint due to improper sanitization of the file path wrapper and value. An attacker can access unauthorized files or resources by supplying arbitrary file paths or URLs. Details A Directory...
podman: Podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
LibreSSL -- overwrite and -read vulnerability
The LibreSSL project reports: An incorrect length check can result in a 4-byte overwrite and an 8-byte overread...
Delta Electronics DIALink Directory Traversal Authentication Bypass Vulnerability
This vulnerability allows remote attackers to overwrite configuration files on affected installations of Delta Electronics DIALink. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 7631 by default. The issue...
FreeBSD : LibreSSL -- overwrite and -read vulnerability (699ef80f-9e91-11f0-bc5f-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 699ef80f-9e91-11f0-bc5f-8447094a420f advisory. The LibreSSL project reports: An incorrect length check can result in a 4-byte overwrite and an 8-byte...
Arbitrary File Creation
github.com/charmbracelet/soft-serve is vulnerable to Arbitrary file creation. The vulnerability is due to uncontrolled data being written through its SSH API, which allows an attacker to create or override arbitrary files...
NewStart CGSL MAIN 6.06 : python-pip Vulnerability (NS-SA-2025-0209)
The remote NewStart CGSL host, running version MAIN 6.06, has python-pip packages installed that are affected by a vulnerability: - pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory. CVE-2013-1888 Note that Ness...