Lucene search
K

15964 matches found

Positive Technologies
Positive Technologies
added 2025/08/30 12:0 a.m.5 views

PT-2025-35369

Name of the Vulnerable Software and Affected Versions: WM Downloader version 3.1.2.2 Description: WM Downloader version 3.1.2.2 is susceptible to a buffer overflow when handling a crafted .m3u playlist file. Insufficient input length validation allows overwriting of structured exception handler S...

8.4CVSS7.5AI score0.00304EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/08/28 8:28 a.m.1 views

CVE-2025-54819

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker...

7.1CVSS6.5AI score0.00425EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/28 8:28 a.m.8 views

CVE-2025-54819

Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker...

7.1CVSS0.00425EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.4 views

DOS & CO SS1 路径遍历漏洞

DOS & CO SS1 is an asset management tool from DOS & CO Japan. A path traversal vulnerability exists in DOS & CO SS1 version 16.0.0.10 and earlier, which stems from an improperly restricted pathname and could allow a remote, authenticated attacker to overwrite legitimate files...

7.1CVSS6.6AI score0.00425EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.5 views

PT-2025-34977

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0.a and earlier Description: An improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists. A remote authenticated attacker may overwrite legitimate fil...

7.1CVSS6.7AI score0.00425EPSS
Exploits0References5
NVD
NVD
added 2025/08/27 5:15 p.m.2 views

CVE-2025-20295

A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...

6CVSS0.00179EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/27 4:23 p.m.8 views

CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...

6CVSS0.00179EPSS
Exploits0References1
CVE
CVE
added 2025/08/27 4:23 p.m.18 views

CVE-2025-20295

CVE-2025-20295 affects Cisco UCS Manager Software (CLI) where an authenticated local attacker with administrative privileges can read, create, or overwrite files on the device’s underlying OS due to insufficient input validation of command arguments. The root cause is input validation failure in ...

6CVSS6.4AI score0.00179EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-6105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can...

8.2CVSS7.5AI score0.02009EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-7776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to...

9.1CVSS8AI score0.01357EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-32258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...

8.8CVSS5.8AI score0.01872EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-13709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of th...

7.5CVSS7.2AI score0.01058EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-29136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when umoci...

5.5CVSS6.4AI score0.00344EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-9894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. CVE-2019-9894 Note that Nessus relies o...

7.5CVSS7.9AI score0.02447EPSS
Exploits0References2
NVD
NVD
added 2025/08/26 11:15 p.m.4 views

CVE-2025-0086

In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2CVSS0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/26 10:48 p.m.6 views

CVE-2025-0086

In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00124EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/26 10:48 p.m.3 views

CVE-2025-0086

In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5AI score0.00124EPSS
Exploits0References2
CVE
CVE
added 2025/08/26 10:48 p.m.73 views

CVE-2025-0086

Technical details such as affected products, versions, root cause, or remediation for CVE-2025-0086 are not publicly provided in the connected documents. Monitor for updates.

6.2CVSS6AI score0.00124EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/08/26 6:15 p.m.2 views

CVE-2025-55298

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...

8.8CVSS0.04065EPSS
Exploits1References4
CVE
CVE
added 2025/08/26 5:20 p.m.55 views

CVE-2025-55298

ImageMagick vulnerability CVE-2025-55298 is caused by a format string bug in InterpretImageFilename where un-sanitized user input is passed to FormatLocaleString, enabling potential heap overflow or remote code execution due to memory overwrite. Affected releases before patches include ImageMagic...

8.8CVSS7.6AI score0.04065EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder