Lucene search
K

158 matches found

CNNVD
CNNVD
added 2021/03/17 12:0 a.m.3 views

Gnome gnome-autoar 后置链接漏洞

Gnome gnome-autoar is a component of the Gnome community that provides widgets and gschemas functionality for GNOME applications. A backward linking vulnerability exists in GNOME gnome-autoar before 0.3.1 that allows traversing directories during extraction because, in some complex cases, it does...

5.5CVSS6.9AI score0.00528EPSS
Exploits0References11
OSV
OSV
added 2021/03/15 10:15 p.m.2 views

USN-4830-1 okular vulnerability

It was discovered that Okular mishandled certain crafted archives during extraction. An attacker could use this vulnerability to write arbitrary files to the filesystem...

5.5CVSS6AI score0.0183EPSS
Exploits1References2
OSV
OSV
added 2021/03/04 4:53 p.m.9 views

MGASA-2021-0111 Updated gnome-autoar packages fix security vulnerability

Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution CVE-2020-36241...

5.5CVSS6.4AI score0.00639EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/02/05 12:0 a.m.9 views

Gnome gnome-autoar backlink vulnerability

Gnome gnome-autoar is a component of the Gnome community that provides widget and gschemas functionality to GNOME applications. A backlink vulnerability exists in GNOME gnome-autoar through 0.2.4 that allows traversing directories during extraction...

5.5CVSS6.8AI score0.00639EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2021/01/07 12:0 a.m.4 views

PT-2021-5613 · Gnome +8 · File Roller +8

Name of the Vulnerable Software and Affected Versions: File Roller versions through 3.38.0 Description: The issue is related to a directory traversal vulnerability during extraction, caused by the lack of a check for whether a file's parent is a symlink in certain complex situations. This...

3.9CVSS4.5AI score0.00768EPSS
Exploits1References42
Snyk
Snyk
added 2020/09/01 5:39 a.m.3 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview github.com/u-root/u-root/pkg/cpio is a package that provides Go versions of standard Linux tools and bootloaders. It also provides tools for compiling Go programs in a single binary and creating initramfs images. Affected versions of this package are vulnerable to Arbitrary File Write vi...

7.5CVSS7.8AI score0.01527EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.27 views

FreeBSD : ark -- extraction outside of extraction directory (38fdf07b-e8ec-11ea-8bbe-e0d55e2a8bf9)

Albert Astals Cid reports : Overview A maliciously crafted TAR archive containing symlink entries would install files anywhere in the user's home directory upon extraction. Proof of concept For testing, an example of malicious archive can be found at dirsymlink.tar Impact Users can unwillingly...

4.3CVSS4.7AI score0.01496EPSS
Exploits0References3
Typo3
Typo3
added 2019/12/17 12:0 a.m.27 views

Directory Traversal on ZIP extraction

It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal...

6.5CVSS3.2AI score0.01452EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/09/25 12:5 p.m.8 views

USN-4139-1 file-roller vulnerability

It was discovered that File Roller incorrectly handled certain TAR files. An attacker could possibly use this issue to overwrite sensitive files during extraction...

4.3CVSS6.1AI score0.02132EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/03/21 12:0 p.m.37 views

CVE-2019-3838

It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER...

7.3CVSS6.7AI score0.02642EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/03/01 12:0 a.m.3 views

The vulnerability of the WinRAR file archiver lies in the fact that it writes beyond the buffer boundaries during file extraction, allowing an attacker to execute arbitrary code.

The vulnerability of the unacev2.dll file archiver in WinRAR is related to writing beyond the buffer boundaries in memory during file extraction. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted ACE or RAR archive...

10CVSS7.9AI score0.04042EPSS
Exploits1References5
OSV
OSV
added 2018/12/28 4:29 p.m.1 views

DEBIAN-CVE-2018-1000888

PEAR ArchiveTar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the ArchiveTar class. There are several file operations with $vheader'filename' as parameter such as fileexists, isfile, isdir, etc. When extract is called without a specific prefix path, we can trigger...

8.8CVSS9AI score0.19207EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2018/11/05 1:58 p.m.6 views

rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file

A directory and symbolic link traversal flaw was found in the way rubyzip gem extracts zip files. An attacker, with access to a privileged application capable of extracting zip files, could use this flaw to write new files to arbitrary paths, accessible by the aforementioned privileged applicatio...

9.8CVSS7.2AI score0.04499EPSS
Exploits1References4
Cvelist
Cvelist
added 2018/10/03 8:0 p.m.27 views

CVE-2017-2751

A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014...

4.8AI score0.01065EPSS
Exploits0References1
Debian
Debian
added 2018/09/22 2:1 p.m.53 views

[SECURITY] [DSA 4300-1] libarchive-zip-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4300-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 22, 2018 https://www.debian.org/security/faq -...

6.4CVSS1.6AI score0.48716EPSS
Exploits0
Cvelist
Cvelist
added 2018/08/10 4:0 p.m.27 views

CVE-2018-14028

In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then...

7.7AI score0.17722EPSS
Exploits0References4
OSV
OSV
added 2018/07/25 5:29 p.m.3 views

UBUNTU-CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

5.5CVSS6.7AI score0.08926EPSS
Exploits1References3
OSV
OSV
added 2018/07/25 5:29 p.m.4 views

CVE-2018-1002202

zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

6.5CVSS5.9AI score0.13088EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2018/07/25 5:0 p.m.40 views

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

5.5CVSS5.5AI score0.08926EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2018/07/25 12:0 a.m.3 views

PT-2018-9627 · Mholt · Archiver

Name of the Vulnerable Software and Affected Versions: mholt/archiver versions before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 Description: The issue allows attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction, also known as...

5.5CVSS6.6AI score0.0253EPSS
Exploits1References11
Rows per page
Query Builder