15955 matches found
PT-2025-36384
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: Improper input validation in the system management mode SMM could allow a privileged attacker to overwrite arbitrary memory, potentially resulting in arbitrar...
AMD Embedded Processors和AMD Client Processor 安全漏洞
AMD Embedded Processors and AMD Client Processor are both products of AMD Semiconductor, Inc.AMD Embedded Processors are a family of embedded high-performance GPUs.AMD Client Processor is a processor for client devices such as personal computers, AMD Embedded Processors and AMD Client Processors...
SUSE CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
AZL-67046 CVE-2025-9566 affecting package podman 4.1.1-26
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
UBUNTU-CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
CVE-2025-9566
Vulnerability (CVE-2025-9566) affects the podman component. The issue arises when using the kube play command with a volume mount from a Secrete or a ConfigMap whose volume contains a symbolic link to a host file path; an attacker can cause the host file to be overwritten. The attack is limited t...
Podman 路径遍历漏洞
Podman is a Podman open source engine for developing, managing and running OCI containers on Linux systems. Podman suffers from a path traversal vulnerability that stems from the fact that the kube play command may be used to overwrite a host file, potentially resulting in the file being...
podman kube play symlink traversal vulnerability
Impact The podman kube play command can overwrite host files when the kube file contains a ConfigMap or Secret volume mount and the volume already contains a symlink to a host file. This allows a malicious container to write to arbitrary files on the host BUT the attacker only controls the target...
GHSA-WP3J-XQ48-XPJW podman kube play symlink traversal vulnerability
Impact The podman kube play command can overwrite host files when the kube file contains a ConfigMap or Secret volume mount and the volume already contains a symlink to a host file. This allows a malicious container to write to arbitrary files on the host BUT the attacker only controls the target...
Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the podman kube play command. An attacker can cause sensitive data corruption and system crashes by supplying a malicious Kubernetes YAML file that results in overwriting critical host files. The attacker only...
Linux Distros Unpatched Vulnerability : CVE-2021-34338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ming 0.4.8 has an out-of-bounds buffer overwrite issue in the function getName in decompiler.c file that causes a direct segmentation fault and leads to denial ...
ROS-20250904-01
A vulnerability in the converter program that converts man pages to HTML man2html format is related to overwriting the the size parameter in the top fragment of the heap. Exploitation of the vulnerability could allow an attacker to perform an arbitrary writing to any memory location in the progra...
An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.
...
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.
...
f2fs: fix potential deadloop in prepare_compress_overwrite()
...
Exploit for Integer Overflow or Wraparound in Tesla Model_3_Firmware
CVE-2025-2082 – Function Pointer Overwrite PoV VCSEC-style...