339 matches found
Mageia: Security Advisory (MGASA-2025-0061)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ark packages fix security vulnerability
A security issue exists in Ark where a maliciously crafted archive containing file paths beginning with "/" allows files to be extracted to locations outside the intended directory...
MGASA-2025-0061 Updated ark packages fix security vulnerability
A security issue exists in Ark where a maliciously crafted archive containing file paths beginning with "/" allows files to be extracted to locations outside the intended directory...
Debian: Security Advisory (DLA-4046-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 4046-1] ark security update
Debian LTS Advisory DLA-4046-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 08, 2025 https://wiki.debian.org/LTS Package : ark Version : 4:20.12.2-1+deb11u1 CVE ID : CVE-2024-57966 A flaw was discovered in ark, an archive utility for the KDE platform...
Debian dla-4046 : ark - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4046 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4046-1 [email protected] https://www.debian.org/lts/security/...
CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
CVE-2021-26635
In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...
CVE-2021-26615
ARK library allows attackers to execute remote code via the parameterpath value of ArkNormalizeAndDupPAthNameW function because of an integer overflow...
CVE-2021-26603
A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the ArkDigPathA function parsed a file path. This vulnerability is due to missing support for string length check...
CVE-2021-26623
A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...
SUSE CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
DEBIAN-CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
UBUNTU-CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...
KDE Ark 安全漏洞
KDE Ark is a graphical file compression/decompression utility for the KDE community. A security vulnerability exists in KDE Ark versions prior to 24.12.0, which stems from the fact that libarchiveplugin.cpp can extract absolute paths from archives...
CVE-2024-57966
CVE-2024-57966 affects KDE Ark; libarchiveplugin.cpp in Ark before 24.12.0 allows extraction to absolute paths, enabling overwriting of files. Root cause: insecure path handling in archive extraction. Impact: potential unauthorized file overwrite. Remediation: upgrade Ark to a version with the fi...
CVE-2024-57966
libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...