Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

SUSE SLES15 Security Update : python311 (SUSE-SU-2025:02984-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02984-1 advisory. - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Tenable has extracted the preceding...

7.5CVSS6.9AI score0.00611EPSS
Exploits0References4
OSV
OSV
added 2025/08/12 1:1 p.m.12 views

SUSE-SU-2025:02767-1 Security update for python313

This update for python313 fixes the following issues: - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. -...

7.5CVSS6.3AI score0.00611EPSS
Exploits1References9
Cvelist
Cvelist
added 2024/01/31 4:40 p.m.40 views

CVE-2024-24579 Tar path traversal in stereoscope when processing OCI tar archives

stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive temporary director...

5.3CVSS9.7AI score0.00393EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/31 4:40 p.m.12 views

CVE-2024-24579 Tar path traversal in stereoscope when processing OCI tar archives

stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive temporary director...

5.3CVSS6.7AI score0.00393EPSS
Exploits0References2
CNVD
CNVD
added 2018/11/16 12:0 a.m.2 views

IBM WebSphere Application Server Path Traversal Vulnerability

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A directory traversal vulnerability exists in IBM WAS using...

6.3CVSS6.2AI score0.01951EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/11 12:0 a.m.1 views

InfoZip UnZip heap buffer overflow vulnerability (CNVD-2018-03770)

UnZip is a utility for extracting compressed files also known as "zipfiles" in .zip format. A heap buffer overflow vulnerability exists in InfoZip UnZip 6.00 and prior versions in the handling of password-protected archive files. An attacker could exploit this vulnerability to cause a denial of...

7.8CVSS8.4AI score0.30469EPSS
Exploits2References1
CNVD
CNVD
added 2018/01/12 12:0 a.m.2 views

Lhaplus Improper Authentication Vulnerability

Lhaplus is a set of file compression and decompression software. A security vulnerability exists in Lhaplus 1.73 and earlier versions that stems from the program's failure to properly handle ZIP64 archives. The vulnerability can be exploited by an attacker to obtain information from specially...

4.3CVSS6.5AI score0.00634EPSS
Exploits0References1
Rows per page
Query Builder