PT-2025-35369
Name of the Vulnerable Software and Affected Versions: WM Downloader version 3.1.2.2. Description: WM Downloader version 3.1.2.2 is susceptible to a buffer overflow when handling a crafted .m3u playlist file. Insufficient input length validation allows overwriting of structured exception handler S...
CVE-2025-54819
Improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists in SS1 Ver.16.0.0.10 and earlier Media version:16.0.0a and earlier. If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker...
DOS & CO SS1 Path Traversal Vulnerability
DOS & CO SS1 is an asset management tool from DOS & CO Japan. A path traversal vulnerability exists in DOS & CO SS1 version 16.0.0.10 and earlier, which stems from an improperly restricted pathname and could allow a remote, authenticated attacker to overwrite legitimate files...
PT-2025-34977
Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier; SS1 Media versions 16.0.0.a and earlier. Description: An improper limitation of a pathname to a restricted directory 'Path Traversal' issue exists. A remote authenticated attacker may overwrite legitimate fil...
CVE-2025-20295
A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...
CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...
CVE-2025-20295
CVE-2025-20295 affects Cisco UCS Manager Software (CLI) where an authenticated local attacker with administrative privileges can read, create, or overwrite files on the device’s underlying OS due to insufficient input validation of command arguments. The root cause is input validation failure in ...
Linux Distros Unpatched Vulnerability : CVE-2020-6105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can...
Linux Distros Unpatched Vulnerability : CVE-2024-7776
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to...
Linux Distros Unpatched Vulnerability : CVE-2024-32258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM...
Linux Distros Unpatched Vulnerability : CVE-2017-13709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of th...
Linux Distros Unpatched Vulnerability : CVE-2021-29136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when umoci...
Linux Distros Unpatched Vulnerability : CVE-2019-9894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. CVE-2019-9894 Note that Nessus relies o...
CVE-2025-0086
In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0086
Technical details such as affected products, versions, root cause, or remediation for CVE-2025-0086 are not publicly provided in the connected documents. Monitor for updates.
CVE-2025-55298
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298
ImageMagick vulnerability CVE-2025-55298 is caused by a format string bug in InterpretImageFilename where un-sanitized user input is passed to FormatLocaleString, enabling potential heap overflow or remote code execution due to memory overwrite. Affected releases before patches include ImageMagic...