CVE-2025-1944

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...

EUVD-2009-5080

Malware in sbrugna...

EUVD-2004-0235

Malware in sbrugna...

Zip Exploit Crashes Picklescan But Not PyTorch

Summary PickleScan is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise...

GHSA-7Q5R-7GVP-WC82 Zip Exploit Crashes Picklescan But Not PyTorch

Summary PickleScan is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise...

CVE-2025-1944

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...

PYSEC-2025-20

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...

CVE-2025-1944 picklescan ZIP archive manipulation attack leads to crash

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...

CVE-2025-1944 picklescan ZIP archive manipulation attack leads to crash

picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan...

CVE-2022-47634

M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867...

libarchive: Multiple Vulnerabilities

Background libarchive is a library for manipulating different streaming archive formats, including certain tar variants, several cpio formats, and both BSD and GNU ar variants. Description Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced...

[SECURITY] Fedora 29 Update: libzip-1.5.2-1.fc29

libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...

CVE-2014-6407

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a 1 symlink or 2 hard link attack in an image archive in a a pull or b load operation...

CVE-2014-8737

Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. dot dot or full path name in an archive to 1 strip or 2 objcopy or create arbitrary files via 3 a .. dot dot or full path name in an archive to ar...

GLSA-201001-03 : PHP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201001-03 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Impact : A context-dependent attack...

Debian DSA-991-1 : zoo - buffer overflow

Jean-Sebastien Guay-Leroux discovered a buffer overflow in zoo, a utility to manipulate zoo archives, that could lead to the execution of arbitrary code when unpacking a specially crafted zoo archive. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

farsiNews.txt

FarsiNews 2.5 Multiple Vulnerabilities FarsiNews is a News Publishing System That uses Flat files to store its Datas... Farsinews is a persian and improved translation of CuteNews, AjFork, CuteHack and CuteSQL... for more information about FarsiNews Publishing System visit...