
15955 matches found

Positive Technologies
added 2025/09/06 12:0 a.m. | 5 views

PT-2025-36384

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory, potentially resulting in arbitrar...

CVSS 7.5 | AI score 6.9 | EPSS 0.00128
Exploits: 0 | References: 8

CNNVD
added 2025/09/06 12:0 a.m. | 2 views

AMD Embedded Processors and AMD Client Processor security vulnerability

AMD Embedded Processors and AMD Client Processor are both products of AMD Semiconductor, Inc. AMD Embedded Processors are a family of embedded high-performance GPUs. AMD Client Processor is a processor for client devices such as personal computers. AMD Embedded Processors and AMD Client Processors...

CVSS 7.5 | AI score 7.4 | EPSS 0.00128
Exploits: 0 | References: 2

SUSE CVE
added 2025/09/05 11:28 p.m. | 4 views

SUSE CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 17

OSV
added 2025/09/05 8:15 p.m. | 8 views

AZL-67046 CVE-2025-9566 affecting package podman 4.1.1-26

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 7.3 | EPSS 0.01008
Exploits: 0 | References: 1

OSV
added 2025/09/05 8:15 p.m. | 4 views

CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 29

NVD
added 2025/09/05 8:15 p.m. | 7 views

CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | EPSS 0.01008
Exploits: 0 | References: 32

OSV
added 2025/09/05 8:15 p.m. | 3 views

UBUNTU-CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 5.8 | EPSS 0.01008
Exploits: 0 | References: 4

ATTACKERKB
added 2025/09/05 7:54 p.m. | 5 views

CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 5.4 | EPSS 0.01008
Exploits: 0 | References: 33 | Affected Software: 23

CVE
added 2025/09/05 7:54 p.m. | 71 views

CVE-2025-9566

Vulnerability (CVE-2025-9566) affects the podman component. The issue arises when using the kube play command with a volume mount from a Secret or a ConfigMap whose volume contains a symbolic link to a host file path; an attacker can cause the host file to be overwritten. The attack is limited t...

CVSS 8.1 | AI score 6.5 | EPSS 0.01008
Exploits: 0 | References: 32

CNNVD
added 2025/09/05 12:0 a.m. | 4 views

Podman path traversal vulnerability

Podman is an open source engine for developing, managing and running OCI containers on Linux systems. Podman suffers from a path traversal vulnerability that stems from the fact that the kube play command may be used to overwrite a host file, potentially resulting in the file being...

CVSS 8.1 | AI score 6.5 | EPSS 0.01008
Exploits: 0 | References: 2

Github Security Blog
added 2025/09/04 8:1 p.m. | 4 views

podman kube play symlink traversal vulnerability

Impact: The podman kube play command can overwrite host files when the kube file contains a ConfigMap or Secret volume mount and the volume already contains a symlink to a host file. This allows a malicious container to write to arbitrary files on the host BUT the attacker only controls the target...

CVSS 8.1 | AI score 6.7 | EPSS 0.01008
Exploits: 0 | References: 34 | Affected Software: 2

OSV
added 2025/09/04 8:1 p.m. | 3 views

GHSA-WP3J-XQ48-XPJW podman kube play symlink traversal vulnerability

Impact: The podman kube play command can overwrite host files when the kube file contains a ConfigMap or Secret volume mount and the volume already contains a symlink to a host file. This allows a malicious container to write to arbitrary files on the host BUT the attacker only controls the target...

CVSS 8.1 | AI score 6.7 | EPSS 0.01008
Exploits: 0 | References: 34

Microsoft CVE
added 2025/09/04 11:33 a.m. | 8 views

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

...

CVSS 8.8 | AI score 7 | EPSS 0.00578
Exploits: 1

Snyk
added 2025/09/04 12:0 a.m. | 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the podman kube play command. An attacker can cause sensitive data corruption and system crashes by supplying a malicious Kubernetes YAML file that results in overwriting critical host files. The attacker only...

CVSS 8.1 | AI score 7.9 | EPSS 0.01008
Exploits: 0 | References: 2

Tenable Nessus
added 2025/09/04 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-34338

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName in decompiler.c file that causes a direct segmentation fault and leads to denial ...

CVSS 6.5 | AI score 6.7 | EPSS 0.00942
Exploits: 1 | References: 2

Redos
added 2025/09/04 12:0 a.m. | 4 views

ROS-20250904-01

A vulnerability in the converter program that converts man pages to HTML man2html format is related to overwriting the size parameter in the top fragment of the heap. Exploitation of the vulnerability could allow an attacker to perform an arbitrary write to any memory location in the progra...

CVSS 5.5 | AI score 5.3 | EPSS 0.00314
Exploits: 2

Microsoft CVE
added 2025/09/03 10:38 p.m. | 5 views

An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.

...

CVSS 7.1 | AI score 7 | EPSS 0.00365
Exploits: 0

Microsoft CVE
added 2025/09/03 10:4 p.m. | 6 views

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.

...

CVSS 8.8 | AI score 7 | EPSS 0.00557
Exploits: 0

Microsoft CVE
added 2025/09/03 9:50 p.m. | 6 views

f2fs: fix potential deadloop in prepare_compress_overwrite()

...

CVSS 5.5 | AI score 6.8 | EPSS 0.00102
Exploits: 0

GithubExploit
added 2025/09/03 3:27 p.m. | 303 views

Exploit for Integer Overflow or Wraparound in Tesla Model_3_Firmware

CVE-2025-2082 – Function Pointer Overwrite PoV VCSEC-style...

CVSS 7.5 | AI score 7.9 | EPSS 0.00331
Exploits: 2