
6 matches found

SUSE CVE
added 2026/05/16 1:13 a.m. | 10 views

SUSE CVE-2026-35254

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported version that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

CVSS 6.1 | AI score 5.8 | EPSS 0.00146
Exploits: 0 | References: 3

Github Security Blog
added 2026/02/11 6:31 p.m. | 12 views

nanotar is vulnerable to path traversal in parseTar() and parseTarGzip()

nanotar through 0.2.0 has a path traversal vulnerability in parseTar and parseTarGzip that allows remote attackers to write arbitrary files outside the intended extraction directory via a crafted tar archive containing path traversal sequence...

CVSS 9.8 | AI score 5.8 | EPSS 0.00841
Exploits: 2 | References: 5 | Affected Software: 1

OSV
added 2025/08/11 1:52 p.m. | 6 views

BIT-LIBPYTHON-2024-12718 Bypass extraction filter to modify file metadata outside extraction directory

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

CVSS 5.3 | AI score 8 | EPSS 0.00607
Exploits: 1 | References: 14

Veracode
added 2023/07/26 12:52 p.m. | 35 views

Path Traversal

org.apache.shiro:shiro-web is vulnerable to Path Traversal. The vulnerability exists in InvalidRequestFilter.java because it does not properly validate downloaded files for subpaths, which allows an attacker to write to a directory outside the restricted path...

CVSS 9.8 | AI score 6.3 | EPSS 0.01533
Exploits: 0 | References: 6 | Affected Software: 1

OSV
added 2022/01/11 4:15 p.m. | 8 views

AZL-37006 CVE-2021-43566 affecting package samba for versions less than 4.18.3-1

All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...

CVSS 2.5 | AI score 6.4 | EPSS 0.00376
Exploits: 1 | References: 1

OSV
added 2022/01/11 4:15 p.m. | 4 views

DEBIAN-CVE-2021-43566

All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be created in an area of the server file system not exported under the share definition. Note that SMB1 has to be enabled, or the share also available via NFS in order for...

CVSS 2.5 | AI score 6.1 | EPSS 0.00376
Exploits: 1 | References: 1