CVE-2022-23530

CVE-2022-23530 affects GuardDog prior to v0.1.8, where scanning a remotely fetched PyPI package could trigger arbitrary file writes. The root cause is using shutil.unpack_archive() on a crafted tarball without validating that extracted paths stay within the destination directory, allowing writes ...

CVE-2022-23530 GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package

GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to v0.1.8 are vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package. Extracting files using shutil.unpackarchive from a potentially malicious tarball without validating that the destinati...

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Directory Traversal / File Write

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Directory Traversal File Write Exploit Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Directory Traversal File Write Exploit

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview github.com/snapcore/snapd/overlord/snapshotstate/backend is a The snapd and snap tools enable systems to work with .snap files. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. When importing a snapshot...

The vulnerability of the Fortinet FortiClient for Windows security tool arises from the insecure management of privileges, allowing attackers to write arbitrary files.

The vulnerability of the Fortinet FortiClient for Windows security tool is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to write arbitrary files...

SUSE SLES15 Security Update : buildah (SUSE-SU-2022:4350-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4350-1 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building ...

py7zr 0.20.0 Directory Traversal Vulnerability

CVE-2022-44900: path traversal vulnerability in py7zr Directory traversal vulnerability in SevenZipFile.extractall function of the python library py7zr version 0.20.0 and earlier allow attackers to read arbitrary files on the local machine via malicious 7z file extraction. CVE-2022-44900...

VMware vCenter vScalation Privilege Escalation Exploit

This Metasploit module exploits a privilege escalation in vSphere/vCenter due to improper permissions on the /usr/lib/vmware-vmon/java-wrapper-vmon file. It is possible for anyone in the cis group to write to the file, which will execute as root on vmware-vmon service restart or host reboot. This...

py7zr 0.20.0 Directory Traversal

CVE-2022-44900: path traversal vulnerability in py7zr Directory traversal vulnerability in SevenZipFile.extractall function of the python library py7zr version 0.20.0 and earlier allow attackers to read arbitrary files on the local machine via malicious 7z file extraction. CVE-2022-44900...

DEBIAN-CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

PYSEC-2022-42998

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

py7zr 路径遍历漏洞

py7zr is a library and utility program by the individual developer Hiroshi Miura. It supports compression, decompression, encryption and decryption of 7zip archives written in the Python programming language. A security vulnerability exists in py7zr version v0.20.0 and earlier versions. An attack...

CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

PT-2022-27330 · Py7Zr +2 · Py7Zr +2

Name of the Vulnerable Software and Affected Versions: py7zr versions 0.20.0 and earlier Description: A directory traversal issue in the SevenZipFile.extractall function allows attackers to write arbitrary files by extracting a crafted 7z file. Recommendations: For py7zr versions 0.20.0 and...

GHSA-RP2V-V467-Q9VQ GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package

Impact Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine where GuardDog is executed. This is due to a path traversal vulnerability when extracting the .tar.gz file of the package being scanned, which exists by design in the...

Chocolatey Azure Pipelines Agent Privilege Design Vulnerability

Chocolatey can handle various types of installation packages.Azure Pipelines Agent Also known as Azure Pipelines Agent, it is mainly used to generate code or deploy software in the Devops process. A privilege design vulnerability exists in the Chocolatey Azure Pipelines Agent package v2.211.1 and...

Chocolatey PHP Permission Design Vulnerability

PHP is a scripting language that executes on the server side. A privilege design vulnerability exists in the Chocolatey PHP package v8.1.12 and below, which originates from all users in the Authenticated users group having write access to the subfolder C:\tools\php81 and all files in that folder,...

chocolatey Python3 Permission Design Vulnerability

Python is an open source object-oriented programming language. A privilege design vulnerability exists in the Chocolatey Python3 package v3.11.0 and earlier versions, which originates from all users in the Authenticated users group having write access to the subfolder C:\Python311 and all files i...

多款Pilz产品路径遍历漏洞

Pilz PASvisu and others are products of Pilz, a German company.Pilz PASvisu is an HMI solution for machine visualization.Pilz PAS4000 is a software platform for the automation system PSS 4000.Pilz PAScal is an application... A path traversal vulnerability exists in several Pilz products. An...