1270 matches found

OSV
added 2026/03/03 5:46 p.m.

GHSA-M6W7-QV66-G3MF BentoML Vulnerable to Arbitrary File Write via Symlink Path Traversal in Tar Extraction

Summary: The safe_extract_tarfile function validates that each tar member's path is within the destination directory, but for symlink members it only validates the symlink's own path, not the symlink's target. An attacker can create a...

CVSS 8.6, AI score 6.5, EPSS 0.00257
Exploits: 1, References: 4
CNNVD
added 2026/03/03 12:00 a.m.

BentoML Post-Link Vulnerability

BentoML is an open-source model serving library developed by BentoML. It is used to build high-performance and scalable artificial intelligence applications using Python. Prior to BentoML 1.4.36, there was a post-link vulnerability. This vulnerability stemmed from the safe_extract_tarfile function,...

CVSS 8.6, AI score 6.1, EPSS 0.00257
Exploits: 1, References: 2
Cvelist
added 2026/03/03 12:00 a.m.

CVE-2025-66945

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution...

EPSS 0.0053
Exploits: 1, References: 2
ATTACKERKB
added 2026/03/03 12:00 a.m.

CVE-2025-66945

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution...

AI score 6.6, EPSS 0.0053
Exploits: 1, References: 3
Vulnrichment
added 2026/03/03 12:00 a.m.

CVE-2025-66945

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution...

AI score 6.6, EPSS 0.0053
Exploits: 1, References: 2
CVE
added 2026/03/03 12:00 a.m.

CVE-2025-66945

CVE-2025-66945 affects the Zdir Pro 4.x ZIP extraction API (/api/extract). A path traversal vulnerability can cause files to be written outside the intended directory, enabling arbitrary file overwrites and potentially remote code execution. Connected sources confirm the issue exists; exploitation de...

CVSS 9.1, AI score 6.6, EPSS 0.0053
Exploits: 1, References: 2, Affected software: 1
RedhatCVE
added 2026/03/02 12:42 p.m.

CVE-2026-3284

A flaw was found in libvips. A local attacker could exploit an integer overflow vulnerability in the vips_extract_area_build function by manipulating the extract_area argument. This could lead to a denial of service (DoS) condition...

CVSS 5.5, AI score 5.9, EPSS 0.00214
Exploits: 2, References: 2
Tenable Nessus
added 2026/03/02 12:00 a.m.

Linux Distros Unpatched Vulnerability : CVE-2026-3283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. The manipulatio...

CVSS 7.1, AI score 4, EPSS 0.0022
Exploits: 1, References: 3
Tenable Nessus
added 2026/03/02 12:00 a.m.

Linux Distros Unpatched Vulnerability : CVE-2026-3284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conversion/extract.c. The manipulation of the...

CVSS 5.5, AI score 4.2, EPSS 0.00214
Exploits: 2, References: 3
RedhatCVE
added 2026/03/01 1:43 a.m.

CVE-2026-28411

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...

CVSS 9.8, AI score 6, EPSS 0.00593
Exploits: 1, References: 1
Snyk
added 2026/02/28 12:14 a.m.

Improper Check or Handling of Exceptional Conditions

Overview: Affected versions of this package are vulnerable to Improper Check or Handling of Exceptional Conditions due to the extractNestedArchive function. An attacker can cause incomplete scanning of potentially malicious content by supplying nested archives that fail to extract. Remediation...

CVSS 6.9, AI score 6, EPSS 0.00222
Exploits: 0, References: 2
NVD
added 2026/02/27 10:16 p.m.

CVE-2026-28411

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...

CVSS 9.8, EPSS 0.00593
Exploits: 1, References: 1
CVE
added 2026/02/27 9:52 p.m.

CVE-2026-28411

WeGIA Web Manager prior to version 3.6.5 is vulnerable to an authentication bypass via unsafe use of extract($_REQUEST). The issue allows an unauthenticated attacker to overwrite local variables across multiple PHP scripts, enabling unauthorized access to administrative and protected areas. remed...

CVSS 9.8, AI score 6, EPSS 0.00593
Exploits: 1, References: 1, Affected software: 1
ATTACKERKB
added 2026/02/27 9:52 p.m.

CVE-2026-28411

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...

CVSS 9.8, AI score 6, EPSS 0.00593
Exploits: 1, References: 2, Affected software: 1
EUVD
added 2026/02/27 9:52 p.m.

EUVD-2026-9081

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...

CVSS 9.8, AI score 6, EPSS 0.00593
Exploits: 1, References: 1
Vulnrichment
added 2026/02/27 9:52 p.m.

CVE-2026-28411 WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)`

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...

CVSS 9.8, AI score 6, EPSS 0.00593
Exploits: 1, References: 1
OSV
added 2026/02/27 9:52 p.m.

CVE-2026-28411 WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)`

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the extract function on the $_REQUEST superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnerability can be leveraged to completely bypass...

CVSS 9.8, AI score 6, EPSS 0.00593
Exploits: 1, References: 3
Snyk
added 2026/02/27 6:15 a.m.

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the vips_extract_area_build function in the extract.c file. An attacker can cause a denial of service by providing specially crafted arguments to trigger an integer overflow. Remediation: A fix was pushed...

CVSS 5.5, AI score 5.9, EPSS 0.00214
Exploits: 2, References: 2
Snyk
added 2026/02/27 6:15 a.m.

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read via the vips_extract_band_build function. An attacker can access sensitive information by supplying crafted arguments to trigger an out-of-bounds read. Remediation: A fix was pushed into the master branch but not yet...

CVSS 7.1, AI score 5.9, EPSS 0.0022
Exploits: 1, References: 2
EUVD
added 2026/02/27 3:30 a.m.

EUVD-2026-8990

A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. The manipulation of the argument extract_band leads to an out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...

CVSS 4.8, AI score 4.3, EPSS 0.0022
Exploits: 1, References: 9