SAMSUNG mobile devices path traversal vulnerability
SAMSUNG mobile devices are a range of mobile devices, including cell phones, tablets, etc., from South Korea's Samsung. A path traversal vulnerability exists in SAMSUNG mobile devices SMR Jan-2024 Release 1 version and earlier versions, which stems from a path traversal...
OPENSUSE-SU-2023:0424-1 Security update for deepin-compressor
This update for deepin-compressor fixes the following issues: - CVE-2023-50255: Fix Zip Path Traversal boo1218428...
OPENSUSE-SU-2023:0423-1 Security update for deepin-compressor
This update for deepin-compressor fixes the following issues: - CVE-2023-50255: Fix Zip Path Traversal boo1218428...
Security update for deepin-compressor (moderate)
openSUSE Security Update: Security update for deepin-compressor. Announcement ID: openSUSE-SU-2023:0424-1; Rating: moderate; References: 1218428; Cross-References: CVE-2023-50255; Affected Products: openSUSE Backports SLE-15-SP4. An update that fixes one vulnerability is now available. Description: Thi...
openSUSE 15 Security Update : deepin-compressor (openSUSE-SU-2023:0423-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2023:0423-1 advisory. - Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that...
openSUSE 15 Security Update : deepin-compressor (openSUSE-SU-2023:0424-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2023:0424-1 advisory. - Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that...
Security update for deepin-compressor (moderate)
openSUSE Security Update: Security update for deepin-compressor. Announcement ID: openSUSE-SU-2023:0423-1; Rating: moderate; References: 1218428; Cross-References: CVE-2023-50255; Affected Products: openSUSE Backports SLE-15-SP5. An update that fixes one vulnerability is now available. Description: Thi...
SUSE CVE-2023-50255
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
CVE-2023-50255
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
Path traversal
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
CVE-2023-50255
CVE-2023-50255 affects the Deepin-Compressor default archive manager in Deepin Linux. A path traversal flaw prior to 5.12.21 can be exploited to achieve Remote Command Execution when opening crafted archives. Remediation: upgrade to version 5.12.21 or later (as listed in OpenSUSE/OpenSUSE-SU advi...
CVE-2023-50255 Zip Path Traversal in Deepin-Compressor
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
Deepin-Compressor Security Vulnerability
Deepin-Compressor is a software tool that provides common functions for decompressing and compressing files. A security vulnerability exists in Deepin-Compressor versions prior to 5.12.21, which stems from a path traversal vulnerability in Deepin Compressor. The vulnerability can be exploited to...
UBUNTU-CVE-2023-42503
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing. This issue affects Apache Commons Compress: from 1.22 before 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can create a malformed...
UPX Security Vulnerability
UPX is a portable and extensible executable compression program. A security vulnerability exists in versions of UPX prior to 4.0.0, which stems from a vulnerability that allows an attacker to cause a denial of service (DoS) by crafting a file passed to the readx function...
WordPress Highcompress Image Compressor Plugin <= 6.1.2 is vulnerable to Broken Access Control
Software: Highcompress Image Compressor; Type: Plugin; Vulnerable versions: <= 6.1.2; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-40209; Patch priority: Medium; CVSS severity: Medium (6.5); PSID: 99c36206c314; Credits: Abdi Pranat...
ht.augustcompressor.com Cross Site Scripting vulnerability OBB-3506162
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-34455 snappy-java's unchecked chunk length leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to use of an unchecked chunk length, an unrecoverable fatal error can occur in versions prior to 1.1.10.1. The code in the function hasNextChunk in the file SnappyInputStream.java checks if a given stream has more chunks to read. It does...
CVE-2023-34454 snappy-java's Integer Overflow vulnerability in compress leads to DoS
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compress(char[] input) in the file Snappy.java receives an array of characters and compresses it. I...
Bytecode Compressor Contract Replay Attack.
Vulnerability details. Impact: Injection of duplicate code. Proof of Concept: In the markBytecodeAsPublished function, the contract does not check whether a particular hash has already been added to the storage. The contract only checks the current marker value of the hash, which is se...