RHEL 9 : podman (RHSA-2025:15900)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15900 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
USN-7748-1: Vim vulnerabilities
It was discovered that Vim incorrectly handled file extraction when opening maliciously crafted zip or tar archives. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...
USN-7748-1 vim vulnerabilities
It was discovered that Vim incorrectly handled file extraction when opening maliciously crafted zip or tar archives. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
PT-2025-37350
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 Description: An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files by submitting a crafted PUT request. Recommendations: At the moment, there is no...
Audi UTR 2.0 security vulnerability
Audi UTR 2.0 is an in-vehicle car recording system from Audi Germany. A security vulnerability exists in Audi UTR 2.0, which stems from a specially crafted PUT request that can lead to arbitrary file overwrites...
curl security vulnerability
curl is an open source tool for transferring data from or to a server. A security vulnerability exists in curl that stems from a heap buffer boundary read error in the path comparison logic, which could lead to a crash or a security cookie being overwritten by a plaintext site...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45586
CVE-2025-45586 affects Audi UTR 2.0 Universal Traffic Recorder 2.0. The issue allows an attacker to arbitrarily overwrite files by sending a crafted PUT request. The connected sources consistently describe a file overwrite condition via a crafted PUT to the affected application, but do not provid...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-58755
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function zipfile.extractall(outputdir) is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...
Linux Distros Unpatched Vulnerability : CVE-2021-25956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dolibarr application, v3.3.beta120121221 to v13.0.2 have Modify access for admin level users to change other user's details but fails to validate already...
PYSEC-2025-140
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function zipfile.extractall(outputdir) is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...
CVE-2025-58755
MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. The extractall function zipfile.extractall(outputdir) is used directly to process compressed files. It is used in many places in the project. In versions up to and including 1.5.0, when the Zip file containing malicious...
Wago CODESYS V2 Runtime Toolkit Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2021-34595)
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. This plugin only works with Tenable.ot. Please visit...
CVE-2024-21947
Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory, potentially resulting in arbitrary code execution at the SMM level...
Podman: podman kube play command may overwrite host files
...
CVE-2024-21947
Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory, potentially resulting in arbitrary code execution at the SMM level...