2148 matches found
CVE-2025-57176
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...
PT-2025-38226
Name of the Vulnerable Software and Affected Versions CISA Thorium versions prior to 1.1.2 Description CISA Thorium does not adequately validate the paths of downloaded files via download ephemeral and download children. A remote, authenticated attacker could access arbitrary files subject to fil...
CISA Thorium 安全漏洞
CISA Thorium is a highly scalable distributed malware analysis and data generation framework for the U.S. Cybersecurity and Infrastructure Security Administration CISA government division. A security vulnerability exists in CISA Thorium versions prior to 1.1.2 that stems from insufficient...
CISA Thorium multiple vulnerabilities
RISK EVALUATION CISA Thorium is a framework used for malware analysis. Multiple vulnerabilities were reported in Thorium. Impacts include denial of service, authenticated arbitrary file read, and failure to expire previously issued user tokens. 2. RECOMMENDED PRACTICES These issues were...
CVE-2025-43314
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data...
CVE-2025-43314
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data...
CVE-2025-43298
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to gain root privileges...
CVE-2025-43190
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data...
CVE-2025-43190
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, visionOS 26, macOS Sequoia 15.7. An app may be able to access sensitive user data...
CVE-2025-43298
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to gain root privileges...
CVE-2025-43298
The CVE-2025-43298 issue is a parsing problem in how macOS handles directory paths. Affected: macOS Sonoma 14.8 and macOS Sequoia 15.7. Impact: an app may gain root privileges due to improved path validation fixes. Remediation: apply the macOS updates (Sonoma 14.8, Sequoia 15.7). Exploitation sta...
CVE-2025-43298
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges...
CVE-2025-43190
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data...
CVE-2025-43190
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data...
CVE-2025-43190
CVE-2025-43190 describes a parsing issue in how directory paths are handled, addressed by improved path validation. The fixed products and versions listed in public records include watchOS 26, macOS Sonoma 14.8, iOS 26, iPadOS 26, visionOS 26, and macOS Sequoia 15.7. The vulnerability could enabl...
CVE-2025-43314
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data...
CVE-2025-43314
The CVE-2025-43314 issue is a parsing/validation flaw in handling directory paths that could allow an app to access sensitive user data. Public details confirm fixes are in macOS Sonoma 14.8 and macOS Sequoia 15.7 (with related references listing StorageKit path validation improvements). The root...
CVE-2025-43314
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data...
GHSA-99PG-HQVX-R4GF Flowise has an Arbitrary File Read
Summary An arbitrary file read vulnerability in the chatId parameter supplied to both the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints allows unauthenticated users to read unintended files on the local filesystem. In the default Flowise configuration this allows...
CVE-2025-57176
On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...