Lucene search

2110 matches found

OSV
added 2025/09/17 5:15 p.m. | 3 views

CVE-2025-35430

CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral' and 'download_children'. A remote, authenticated attacker could access arbitrary files subject to file system permissions. Fixed in 1.1.2...

6.5 CVSS | 6.9 AI score | 0.00461 EPSS
Exploits: 0 | References: 4

CVE
added 2025/09/17 4:51 p.m. | 14 views

CVE-2025-35430

CVE-2025-35430 affects the CISA Thorium framework. The vulnerability stems from inadequate validation of downloaded file paths in the functions download_ephemeral and download_children, allowing a remote, authenticated attacker to access arbitrary files subject to filesystem permissions. Affected...

6.5 CVSS | 6.5 AI score | 0.00461 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Vulnrichment
added 2025/09/17 4:51 p.m. | 3 views

CVE-2025-35430 CISA Thorium insecure downloaded file path validation

CISA Thorium does not adequately validate the paths of downloaded files via 'download_ephemeral' and 'download_children'. A remote, authenticated attacker could access arbitrary files subject to file system permissions. Fixed in 1.1.2...

5.3 CVSS | 6.5 AI score | 0.00461 EPSS
Exploits: 0 | References: 4

CVE
added 2025/09/17 5:18 a.m. | 20 views

CVE-2025-10058

Mode C: The WP Import – Ultimate CSV XML Importer for WordPress plugin is affected (versions

8.1 CVSS | 6.9 AI score | 0.00578 EPSS
Exploits: 0 | References: 4

RedhatCVE
added 2025/09/17 12:49 a.m. | 4 views

CVE-2025-57176

On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...

6.5 CVSS | 7.3 AI score | 0.00417 EPSS
Exploits: 6 | References: 1

Positive Technologies
added 2025/09/17 12:00 a.m. | 3 views

PT-2025-38226

Name of the Vulnerable Software and Affected Versions: CISA Thorium versions prior to 1.1.2. Description: CISA Thorium does not adequately validate the paths of downloaded files via download ephemeral and download children. A remote, authenticated attacker could access arbitrary files subject to fil...

6.5 CVSS | 6.1 AI score | 0.00461 EPSS
Exploits: 0 | References: 9

CNNVD
added 2025/09/17 12:00 a.m. | 4 views

CISA Thorium security vulnerability

CISA Thorium is a highly scalable distributed malware analysis and data generation framework for the U.S. Cybersecurity and Infrastructure Security Administration CISA government division. A security vulnerability exists in CISA Thorium versions prior to 1.1.2 that stems from insufficient...

6.5 CVSS | 6.5 AI score | 0.00461 EPSS
Exploits: 0 | References: 4

ICS
added 2025/09/16 12:00 a.m. | 7 views

CISA Thorium multiple vulnerabilities

RISK EVALUATION: CISA Thorium is a framework used for malware analysis. Multiple vulnerabilities were reported in Thorium. Impacts include denial of service, authenticated arbitrary file read, and failure to expire previously issued user tokens. 2. RECOMMENDED PRACTICES: These issues were...

6.5 CVSS | 7.3 AI score | 0.00461 EPSS
Exploits: 0 | References: 1

OSV
added 2025/09/15 11:15 p.m. | 2 views

CVE-2025-43314

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data...

5.5 CVSS | 5.7 AI score | 0.00233 EPSS
Exploits: 0 | References: 5

NVD
added 2025/09/15 11:15 p.m. | 2 views

CVE-2025-43314

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data...

5.5 CVSS | 0.00233 EPSS
Exploits: 0 | References: 6

OSV
added 2025/09/15 11:15 p.m. | 1 view

CVE-2025-43298

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to gain root privileges...

7.8 CVSS | 5.7 AI score | 0.00225 EPSS
Exploits: 0 | References: 5

OSV
added 2025/09/15 11:15 p.m. | 3 views

CVE-2025-43190

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, visionOS 26, macOS Sequoia 15.7. An app may be able to access sensitive user data...

5.5 CVSS | 5.7 AI score | 0.00253 EPSS
Exploits: 0 | References: 10

NVD
added 2025/09/15 11:15 p.m. | 2 views

CVE-2025-43190

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data...

5.5 CVSS | 0.00253 EPSS
Exploits: 0 | References: 11

Vulnrichment
added 2025/09/15 10:35 p.m. | 1 view

CVE-2025-43298

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to gain root privileges...

5.8 AI score | 0.00225 EPSS
Exploits: 0 | References: 2

Cvelist
added 2025/09/15 10:35 p.m. | 5 views

CVE-2025-43298

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges...

0.00225 EPSS
Exploits: 0 | References: 3

CVE
added 2025/09/15 10:35 p.m. | 21 views

CVE-2025-43298

The CVE-2025-43298 issue is a parsing problem in how macOS handles directory paths. Affected: macOS Sonoma 14.8 and macOS Sequoia 15.7. Impact: an app may gain root privileges due to improved path validation fixes. Remediation: apply the macOS updates (Sonoma 14.8, Sequoia 15.7). Exploitation sta...

7.8 CVSS | 5.8 AI score | 0.00225 EPSS
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2025/09/15 10:35 p.m. | 4 views

CVE-2025-43190

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data...

0.00253 EPSS
Exploits: 0 | References: 6

Vulnrichment
added 2025/09/15 10:35 p.m. | 2 views

CVE-2025-43190

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data...

5.3 AI score | 0.00253 EPSS
Exploits: 0 | References: 6

CVE
added 2025/09/15 10:35 p.m. | 16 views

CVE-2025-43190

CVE-2025-43190 describes a parsing issue in how directory paths are handled, addressed by improved path validation. The fixed products and versions listed in public records include watchOS 26, macOS Sonoma 14.8, iOS 26, iPadOS 26, visionOS 26, and macOS Sequoia 15.7. The vulnerability could enabl...

5.5 CVSS | 5.8 AI score | 0.00253 EPSS
Exploits: 0 | References: 11 | Affected Software: 5

Vulnrichment
added 2025/09/15 10:35 p.m. | 1 view

CVE-2025-43314

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data...

5.7 AI score | 0.00233 EPSS
Exploits: 0 | References: 3