Lucene search
K

9525 matches found

CVE
CVE
added 5 days ago9 views

CVE-2026-14966

BBOT’s unarchive module is affected by a symlink guard bypass when handling certain archives. Specifically, zip and 7z archives with a DOS-attribute prefix in their listing (as produced by legacy p7zip) can bypass the extraction guard, allowing an attacker-controlled symlink to be written into th...

3.1CVSS5.9AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 6 days ago13 views

CVE-2026-55633

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a bypass of the H2 zip protocol and file dropper fix allows an authenticated attacker to upload a zip archive disguised with a .ttf extension through FontManage.saveFile and then exploit it through the zip protocol...

8.7CVSS0.00501EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42055

Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing the extension denylist in config.inc.php which omits the...

8.8CVSS6.8AI score0.00758EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 6 days ago9 views

CVE-2026-6101

The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Arbitrary File Write in versions up to and including 1.1.12. This is due to unsafe ZIP file extraction in the ampforwpsavelocalfont function combined with inadequate cleanup that fails to remove nested directories and...

7.5CVSS6.7AI score0.00646EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:34 a.m.6 views

CVE-2026-24014

Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an attacker may use path traversal sequences in the JAR name t...

6AI score0.00509EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.8 views

PT-2026-56053

Name of the Vulnerable Software and Affected Versions @xhmikosr/decompress versions prior to 10.2.1 @xhmikosr/decompress versions prior to 11.1.3 decompress versions prior to 4.3.0 Description When extracting archives to a directory, a crafted archive can read or write files outside that director...

9.1CVSS6AI score
Exploits0References8
OSV
OSV
added 2026/07/05 12:5 p.m.4 views

RLSA-2026:30857 Important: perl-Archive-Tar security update

Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support...

8.2CVSS6.1AI score0.0043EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/04 12:58 a.m.9 views

EUVD-2026-41656

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

10CVSS7.8AI score0.00809EPSS
Exploits4References1
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-20706

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint...

9.1CVSS0.00403EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-20706

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint...

5.9AI score0.00403EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.35 views

CVE-2026-20706 Gitea repository archive downloads bypass token scope checks

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint...

0.00403EPSS
Exploits0References4
CVE
CVE
added 2026/07/03 8:19 p.m.34 views

CVE-2026-20706

Summary: CVE-2026-20706 affects Gitea up to version 1.26.1, where the web archive download endpoint allowed bypassing token scope checks, enabling access to repository archives beyond a token’s scope. Affected software: Gitea (versions ≤ 1.26.1). Root cause (as described in the sources): The /arc...

9.1CVSS7.1AI score0.00403EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/07/03 10:16 a.m.9 views

CVE-2026-12480

A flaw was found in Keras. An attacker can craft a malicious model archive or weights file containing a Virtual Dataset VDS that references external files on a victim's system. When a user loads this malicious model, the external file is transparently read. This vulnerability leads to information...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.12 views

7-Zip <= 26.02 Mark-of-the-Web Bypass (CVE-2026-58052)

The version of 7-Zip installed on the remote Windows host is 26.02 or earlier. It is, therefore, affected by a vulnerability: - 7-Zip for Windows fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier...

4.8CVSS6.1AI score0.00119EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.7 views

Docker Engine < 29.5.1 Arbitrary Code Execution

The version of the Docker Engine Moby installed on the remote host is prior to 29.5.1. It is, therefore, affected by an arbitrary code execution vulnerability: - When a compressed archive is uploaded to a container via PUT /containers/id/archive or piped through docker cp -, the daemon resolves...

7.5CVSS6.6AI score0.00153EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 7:2 a.m.3 views

OPENSUSE-SU-2026:21205-1 Security update for docker-stable

This update for docker-stable fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260279. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

9.6CVSS6.6AI score0.08123EPSS
Exploits2References12
OSV
OSV
added 2026/07/02 12:0 a.m.4 views

UBUNTU-CVE-2026-20215

Fixed a 7z parser substream count overflow that could under-allocate parser metadata arrays and write past them while reading a malformed archive...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References3
OSV
OSV
added 2026/07/02 12:0 a.m.4 views

UBUNTU-CVE-2026-20216

Fixed an InstallShield archive extraction limit bypass that could write far more temporary data than intended and exhaust temporary storage...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/07/01 7:58 p.m.9 views

Important: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

8.2CVSS7.2AI score0.00552EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 7:58 p.m.5 views

vim: command injection when decompressing .tgz archives

A flaw was found in Vim. When decompressing .tgz archives, the Vimuntar function builds shell commands using shellescape without the special flag. This allows a specially crafted archive filename to trigger Vim cmdline-special expansion and execute arbitrary commands in the context of the current...

7CVSS6AI score0.00552EPSS
Exploits0References7
Rows per page
Query Builder