
28 matches found

RedhatCVE
added 2026/01/07 9:29 a.m. | 10 views

CVE-2019-12309

dotCMS before 5.1.0 has a path traversal vulnerability exploitable by an administrator to create files. The vulnerability is caused by the insecure extraction of a ZIP archive...

CVSS 4.9 | AI score 6.8 | EPSS 0.01279
Exploits 0 | References 1

RedhatCVE
added 2026/01/07 9:27 a.m. | 6 views

CVE-2019-12807

Alzip 10.83 and earlier versions contain a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execute arbitrary code...

CVSS 7.8 | AI score 7.5 | EPSS 0.0162
Exploits 0 | References 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-0917

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.02517
Exploits 0 | References 8

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2006-0930

Malware in sbrugna...

CVSS 2.6 | AI score 6.4 | EPSS 0.01606
Exploits 0 | References 8

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2007-4118

Malware in sbrugna...

CVSS 6.8 | AI score 6.1 | EPSS 0.03009
Exploits 0 | References 21

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-16981

Malware in sbrugna...

CVSS 8.8 | AI score 8.4 | EPSS 0.01439
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2016-5342

Malware in sbrugna...

CVSS 8.8 | AI score 8.5 | EPSS 0.05345
Exploits 2 | References 15

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2010-2332

Malware in sbrugna...

CVSS 2.6 | AI score 6 | EPSS 0.03365
Exploits 1 | References 16

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2017-11341

Malware in sbrugna...

CVSS 4.3 | AI score 4.2 | EPSS 0.00634
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2019-11339

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00696
Exploits 1 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-5534

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 6.7 | EPSS 0.01262
Exploits 0 | References 14

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2022-3141

Malicious code in bioql PyPI...

CVSS 4.7 | AI score 5.2 | EPSS 0.01446
Exploits 0 | References 6

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-5856

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.7 | EPSS 0.01483
Exploits 1 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-3679

Malicious code in bioql PyPI...

CVSS 5 | AI score 6.6 | EPSS 0.0236
Exploits 0 | References 11

GithubExploit
added 2025/09/13 3:39 p.m. | 187 views

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 WinRAR path traversal tool ⚠ This tool is c...

CVSS 8.8 | AI score 7.1 | EPSS 0.85778
Exploits 35

Ubuntu
added 2025/07/21 11:51 a.m. | 6 views

USN-7656-1: Erlang vulnerabilities

It was discovered that Erlang OTP’s SSH module incorrectly enforced strict KEX handshake hardening measures. A remote attacker able to intercept communications could possibly use this issue to insert optional messages into connections during the handshake. CVE-2025-46712 It was discovered that...

CVSS 4.8 | AI score 6.5 | EPSS 0.00442
Exploits 0

Cvelist
added 2025/07/08 12:38 a.m. | 27 views

CVE-2025-42992 Multiple Privilege Escalation Vulnerabilities in SAPCAR

SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in SAPCAR. This could enable the attacker to exploit critical files and directory permissions without breaking signature validation, resulting in potential privilege escalation. This has high impact on...

CVSS 6.9 | EPSS 0.00123
Exploits 0 | References 2

BDU FSTEC
added 2025/04/04 12:0 a.m. | 6 views

The vulnerability of the MOTW mechanism of the WinRAR file archiver allows a hacker to execute arbitrary code.

The vulnerability in the Mark of the Web (MOTW) mechanism of the WinRAR file archiver is related to the lack of a warning message for users regarding unsafe actions related to the user interface when processing symbolic links that point to executable files. Exploiting this vulnerability allows a malicious actor to...

CVSS 9 | AI score 7.5 | EPSS 0.01218
Exploits 0 | References 6 | Affected Software 1

NVD
added 2025/03/04 2:15 p.m. | 12 views

CVE-2025-1936

jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension...

CVSS 7.3 | EPSS 0.00413
Exploits 0 | References 6

CVE
added 2025/03/04 1:31 p.m. | 138 views

CVE-2025-1936

CVE-2025-1936 is a Firefox/Thunderbird vulnerability where jar: URLs used to retrieve local ZIP contents could misclassify content due to a null-termination issue in the archive, potentially enabling disguised code in a web extension. Affected: Firefox before 136, Firefox ESR before 128.8, Thunde...

CVSS 7.3 | AI score 6.8 | EPSS 0.00413
Exploits 0 | References 6 | Affected Software 2