
339 matches found

OpenVAS
added 2025/02/14 12:0 a.m., 7 views

Mageia: Security Advisory (MGASA-2025-0061)

The remote host is missing an update for the... (SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)

CVSS 5 | AI score 7.1 | EPSS 0.00271
Exploits 0 | References 4

Mageia
added 2025/02/13 7:9 p.m., 14 views

Updated ark packages fix security vulnerability

A security issue exists in Ark where a maliciously crafted archive containing file paths beginning with "/" allows files to be extracted to locations outside the intended directory...

CVSS 5 | AI score 6.8 | EPSS 0.00271
Exploits 0 | References 2

OSV
added 2025/02/13 7:9 p.m., 13 views

MGASA-2025-0061 Updated ark packages fix security vulnerability

A security issue exists in Ark where a maliciously crafted archive containing file paths beginning with "/" allows files to be extracted to locations outside the intended directory...

CVSS 5 | AI score 5 | EPSS 0.00271
Exploits 0 | References 3

OpenVAS
added 2025/02/10 12:0 a.m., 5 views

Debian: Security Advisory (DLA-4046-1)

The remote host is missing an update for the Debian... (SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)

CVSS 5 | AI score 5.2 | EPSS 0.00271
Exploits 0 | References 2

Debian
added 2025/02/08 5:59 p.m., 12 views

[SECURITY] [DLA 4046-1] ark security update

Debian LTS Advisory DLA-4046-1
[email protected]
https://www.debian.org/lts/security/
Markus Koschany
February 08, 2025
https://wiki.debian.org/LTS

Package : ark
Version : 4:20.12.2-1+deb11u1
CVE ID : CVE-2024-57966

A flaw was discovered in ark, an archive utility for the KDE platform...

CVSS 5 | AI score 5.9 | EPSS 0.00271
Exploits 0

Tenable Nessus
added 2025/02/08 12:0 a.m., 5 views

Debian dla-4046 : ark - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4046 advisory. Debian LTS Advisory DLA-4046-1 [email protected] https://www.debian.org/lts/security/...

CVSS 5 | AI score 5.5 | EPSS 0.00271
Exploits 0 | References 4

RedhatCVE
added 2025/02/07 5:50 p.m., 10 views

CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 6.6 | EPSS 0.00271
Exploits 0 | References 1

RedhatCVE
added 2025/02/06 3:45 a.m., 11 views

CVE-2021-26635

In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code...

CVSS 7.8 | AI score 7.7 | EPSS 0.01095
Exploits 0 | References 1

RedhatCVE
added 2025/02/06 3:42 a.m., 9 views

CVE-2021-26615

ARK library allows attackers to execute remote code via the parameterpath value of ArkNormalizeAndDupPAthNameW function because of an integer overflow...

CVSS 8.8 | AI score 7.8 | EPSS 0.00633
Exploits 0 | References 1

RedhatCVE
added 2025/02/06 3:39 a.m., 9 views

CVE-2021-26603

A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the ArkDigPathA function parsed a file path. This vulnerability is due to missing support for string length check...

CVSS 8.6 | AI score 7 | EPSS 0.00664
Exploits 0 | References 1

RedhatCVE
added 2025/02/06 3:34 a.m., 12 views

CVE-2021-26623

A remote code execution vulnerability due to incomplete check for 'xheaderdecodepathrecord' function's parameter length value in the ark library. Remote attackers can induce exploit malicious code using this function...

CVSS 9.8 | AI score 7.9 | EPSS 0.01065
Exploits 0 | References 1

SUSE CVE
added 2025/02/04 3:47 a.m., 2 views

SUSE CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 7 | EPSS 0.00271
Exploits 0 | References 4

OSV
added 2025/02/03 5:15 a.m., 3 views

DEBIAN-CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 5.4 | EPSS 0.00271
Exploits 0 | References 1

AlpineLinux
added 2025/02/03 5:15 a.m., 5 views

CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 7.2 | EPSS 0.00271
Exploits 0 | References 3

NVD
added 2025/02/03 5:15 a.m., 12 views

CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | EPSS 0.00271
Exploits 0 | References 3

OSV
added 2025/02/03 5:15 a.m., 8 views

CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 7
Exploits 0 | References 3

OSV
added 2025/02/03 5:15 a.m., 1 views

UBUNTU-CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 5.8 | EPSS 0.00271
Exploits 0 | References 4

CNNVD
added 2025/02/03 12:0 a.m., 4 views

KDE Ark security vulnerability

KDE Ark is a graphical file compression/decompression utility for the KDE community. A security vulnerability exists in KDE Ark versions prior to 24.12.0, which stems from the fact that libarchiveplugin.cpp can extract absolute paths from archives...

CVSS 5 | AI score 5.2 | EPSS 0.00271
Exploits 0 | References 2

CVE
added 2025/02/03 12:0 a.m., 77 views

CVE-2024-57966

CVE-2024-57966 affects KDE Ark; libarchiveplugin.cpp in Ark before 24.12.0 allows extraction to absolute paths, enabling overwriting of files. Root cause: insecure path handling in archive extraction. Impact: potential unauthorized file overwrite. Remediation: upgrade Ark to a version with the fi...

CVSS 5 | AI score 6.9 | EPSS 0.00271
Exploits 0 | References 3

Vulnrichment
added 2025/02/03 12:0 a.m., 9 views

CVE-2024-57966

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive...

CVSS 5 | AI score 5.2 | EPSS 0.00271
Exploits 0 | References 2