CVE-2026-22870 GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS

GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, GuardDog's safeextract function does not validate decompressed file sizes when extracting ZIP archives wheels, eggs, allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabyt...

PT-2026-2805

Name of the Vulnerable Software and Affected Versions GuardDog versions prior to 2.7.1 Description GuardDog is a command-line interface CLI tool used to identify malicious PyPI packages. A path traversal flaw exists in the safe extract function, potentially allowing malicious PyPI packages to wri...

PT-2026-2370

Name of the Vulnerable Software and Affected Versions VIAVIWEB Wallpaper Admin version 1.0 Description The software contains an SQL injection issue that allows authenticated attackers to manipulate database queries. Attackers can inject SQL code through the img id parameter. Specifically, sending...

CVE-2018-1000009

Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...

CVE-2026-21851

MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.1, a Path Traversal Zip Slip vulnerability exists in MONAI's downloadfromngcprivate function. The function uses zipfile.ZipFile.extractall without path validation, while other similar...

CVE-2019-12739

lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php nameOfFile and directory parameters...

PT-2026-2101

Name of the Vulnerable Software and Affected Versions MONAI versions up to and including 1.5.1 Description MONAI Medical Open Network for AI is an AI toolkit for health care imaging. A Path Traversal Zip Slip issue exists in the download from ngc private function. This function utilizes...

Medium: runfinch-finch

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

Unauthenticated File Upload in LollMS

Executive Summary A critical security vulnerability has been identified in LollMS that allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint lacks authentication requirements, contradicting the application's documented "Secure...

MLflow Tarfile Path traversal in mlflow/mlflow

Description Vulnerability Report: Unsafe Tar Extraction Path Traversal Due to the lack of path traversal verification in the tar decompression part, it may lead to the possibility of overwriting any file or gaining elevated privileges. This is a non-expected vulnerability. Location File:...

cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract or TarFile.extractall with the filte...

Path Traversal

Keras is vulnerable to path traversal. The vulnerability is due to the keras.utils.getfile API using Python’s tarfile.extractall without the filter="data" protection when extracting tar archives, which allows a remote attacker to craft a malicious archive with symlinks and write arbitrary files...

CVE-2025-14307 Insecure Temporary File Creation in Robocode's AutoExtract Component

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files...

CVE-2024-58276

Obi08/Enrollment System 1.0 contains a SQL injection vulnerability in the keyword parameter of /getsubject.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can use UNION-based injection to extract sensitive information from the users table including usernames...

CVE-2024-58276

CVE-2024-58276 concerns Obi08/Enrollment System 1.0. A SQL injection vulnerability exists in the keyword parameter of /get_subject.php, allowing unauthenticated attackers to execute arbitrary SQL queries. The impact includes potential extraction of sensitive data from the users table (e.g., usern...

JLSEC-2025-284 LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:36...

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b...

JLSEC-2025-301 A flaw was found in tiffcrop, a program distributed by the libtiff package

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff...

JLSEC-2025-304 A vulnerability was found in the libtiff library

A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c...

JLSEC-2025-314 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcro...

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

CVE-2025-12970

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...