63 matches found
USN-8214-1 nltk vulnerability
It was discovered that NLTK incorrectly handled file extraction when opening a maliciously crafted zip file. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...
OESA-2026-1771 sqlite security update
SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...
OESA-2026-1768 sqlite security update
SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...
yauzl 安全漏洞
Yauzl is a Node.js decompression library developed by Josh Wolfe. Version 3.2.0 of Yauzl contains a security vulnerability, which stems from a minor error in the NTFS extended timestamp parser. This vulnerability may lead to a denial-of-service attack when processing specially crafted ZIP files...
NLTK 安全漏洞
NLTK is an open-source natural language toolkit developed by NLTK. It is used to support research and development in natural language processing. NLTK has a security vulnerability that stems from the unzipiter function using zipfile.extractall without performing path validation or security checks...
EUVD-2020-15924
Malware in sbrugna...
EUVD-2014-7983
Malware in sbrugna...
EUVD-2022-46646
Malicious code in bioql PyPI...
EUVD-2022-1146
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-29768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because ...
CVE-2014-125119 WinRAR < 5.00 Filename Spoofing RCE
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...
Vim vulnerable to potential data loss with zip.vim and special crafted zip files
...
SUSE CVE-2025-29768
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...
AZL-58632 CVE-2025-29768 affecting package vim for versions less than 9.1.1198-1
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...
ALPINE-CVE-2025-29768
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...
UBUNTU-CVE-2025-29768
Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...
FreeBSD : vim -- potential data loss with zip.vim and specially crafted zip files (9cf03c96-ffa5-11ef-bb15-002590af0794)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9cf03c96-ffa5-11ef-bb15-002590af0794 advisory. Vim reports: See https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf Tenable has extract...
Vim 参数注入漏洞
Vim is a cross-platform text editor from the Vim open source. A parameter injection vulnerability exists in Vim versions prior to 9.1.1198, which stems from zip.vim and specially crafted zip files that may result in data loss...
CVE-2025-25784
An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file...
Updated python-zipp packages fix security vulnerability
Denial of Service via crafted zip file in jaraco/zipp. CVE-2024-5569...