15959 matches found

Tenable Nessus
added 2025/09/16 12:0 a.m. | 4 views

RHEL 9 : podman (RHSA-2025:15900)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15900 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

CVSS 8.1 | AI score 5.7 | EPSS 0.01008
Exploits: 0 | References: 4
Ubuntu
added 2025/09/15 1:18 p.m. | 5 views

USN-7748-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled file extraction when opening maliciously crafted zip or tar archives. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...

CVSS 4.1 | AI score 6.5 | EPSS 0.00731
Exploits: 2
OSV
added 2025/09/15 1:18 p.m. | 6 views

USN-7748-1 vim vulnerabilities

It was discovered that Vim incorrectly handled file extraction when opening maliciously crafted zip or tar archives. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...

CVSS 4.1 | AI score 6.6 | EPSS 0.00731
Exploits: 2 | References: 3
RedhatCVE
added 2025/09/14 12:10 a.m. | 20 views

CVE-2025-45586

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...

CVSS 7.5 | AI score 6.9 | EPSS 0.00298
Exploits: 1 | References: 1
NVD
added 2025/09/12 9:15 p.m. | 3 views

CVE-2025-45586

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...

CVSS 7.5 | EPSS 0.00298
Exploits: 1 | References: 1
OSV
added 2025/09/12 9:15 p.m. | 2 views

CVE-2025-45586

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...

CVSS 7.5 | AI score 5.8 | EPSS 0.00298
Exploits: 1 | References: 1
Positive Technologies
added 2025/09/12 12:0 a.m. | 5 views

PT-2025-37350

Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 Description: An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files by submitting a crafted PUT request. Recommendations: At the moment, there is no...

CVSS 7.5 | AI score 6.3 | EPSS 0.00298
Exploits: 1 | References: 5
CNNVD
added 2025/09/12 12:0 a.m. | 2 views

Audi UTR 2.0 security vulnerability

Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0, which stems from a specially crafted PUT request that can lead to arbitrary file overwrites...

CVSS 7.5 | AI score 6.8 | EPSS 0.00298
Exploits: 1 | References: 2
CNNVD
added 2025/09/12 12:0 a.m. | 0 views

curl security vulnerability

curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl that stems from a heap buffer boundary read error in the path comparison logic, which could lead to a crash or a security cookie being overwritten by a plaintext site...

CVSS 7.5 | AI score 7.3 | EPSS 0.01301
Exploits: 1 | References: 8
Cvelist
added 2025/09/12 12:0 a.m. | 7 views

CVE-2025-45586

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...

EPSS 0.00298
Exploits: 1 | References: 1
CVE
added 2025/09/12 12:0 a.m. | 19 views

CVE-2025-45586

CVE-2025-45586 affects Audi UTR 2.0 Universal Traffic Recorder 2.0. The issue allows an attacker to arbitrarily overwrite files by sending a crafted PUT request. The connected sources consistently describe a file overwrite condition via a crafted PUT to the affected application, but do not provid...

CVSS 7.5 | AI score 6.5 | EPSS 0.00298
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2025/09/12 12:0 a.m. | 5 views

CVE-2025-45586

An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...

AI score 6.5 | EPSS 0.00298
Exploits: 1 | References: 1
RedhatCVE
added 2025/09/11 12:16 a.m. | 7 views

CVE-2025-58755

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function zipfile.extractalloutputdir is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...

CVSS 8.8 | AI score 6.7 | EPSS 0.00568
Exploits: 1 | References: 1
Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-25956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dolibarr application, v3.3.beta120121221 to v13.0.2 have Modify access for admin level users to change other user's details but fails to validate already...

CVSS 7.2 | AI score 6.9 | EPSS 0.00935
Exploits: 0 | References: 2
PyPA
added 2025/09/09 12:15 a.m. | 9 views

PYSEC-2025-140

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function zipfile.extractalloutputdir is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...

CVSS 8.8 | AI score 5.7 | EPSS 0.00568
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2025/09/09 12:15 a.m. | 4 views

CVE-2025-58755

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function zipfile.extractalloutputdir is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...

CVSS 8.8 | EPSS 0.00568
Exploits: 1 | References: 1
Tenable Nessus
added 2025/09/09 12:0 a.m. | 3 views

Wago CODESYS V2 Runtime Toolkit Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-34595)

A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. This plugin only works with Tenable.ot. Please visit...

CVSS 8.1 | AI score 7.7 | EPSS 0.00851
Exploits: 0 | References: 2
RedhatCVE
added 2025/09/08 5:31 p.m. | 3 views

CVE-2024-21947

Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level...

CVSS 7.5 | AI score 7.7 | EPSS 0.00128
Exploits: 0 | References: 1
Microsoft CVE
added 2025/09/07 1:16 a.m. | 4 views

Podman: podman kube play command may overwrite host files

...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0
NVD
added 2025/09/06 6:15 p.m. | 6 views

CVE-2024-21947

Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level...

CVSS 7.5 | EPSS 0.00128
Exploits: 0 | References: 2