Lucene search

15 matches found

Snyk
added 2026/04/20 6:54 p.m. · 2 views

Directory Traversal

Overview: com.github.junrar:junrar is a rar decompression library in plain java. Affected versions of this package are vulnerable to Directory Traversal via the LocalFolderExtractor component. An attacker can overwrite files in sibling directories by tricking a user into extracting a specially...

7.5 CVSS · 6.4 AI score · 0.00055 EPSS
Exploits 0 · References 2
Cvelist
added 2026/04/20 3:15 p.m. · 24 views

CVE-2026-41245 Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix

Junrar is an open source java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Version 7.5.10 fixes th...

5.9 CVSS · 0.00055 EPSS
Exploits 0 · References 3
OSV
added 2026/04/16 9:14 p.m. · 0 views

GHSA-HF5P-Q87M-CRJ7 Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix

Summary: A path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Example: Given an extraction directory set to /tmp/extract, a crafted archive with an entry...

5.9 CVSS · 5.9 AI score · 0.00055 EPSS
Exploits 0 · References 5
Github Security Blog
added 2026/04/16 9:14 p.m. · 6 views

Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix

Summary: A path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Example: Given an extraction directory set to /tmp/extract, a crafted archive with an entry...

7.5 CVSS · 5.9 AI score · 0.00055 EPSS
Exploits 0 · References 5 · Affected Software 1
Snyk
added 2026/04/16 9:14 p.m. · 2 views

Directory Traversal

Overview: com.github.junrar:junrar is a rar decompression library in plain java. Affected versions of this package are vulnerable to Directory Traversal via the createDirectory and createFile methods in LocalFolderExtractor module. An attacker can write arbitrary files to sibling directories by...

7.1 CVSS · 6.4 AI score
Exploits 0 · References 2
Gitee
added 2025/09/13 5:14 p.m. · 106 views

ExploitOnCLI

This is an offensive tool for searching exploits in multiple databases. The tool, named ExploitOnCLI or EOC, is written in PHP for Linux and allows users to search for exploits in various databases, including Exploit-DB, PacketStormSecurity, IEDB, Siph0n, CXSecurity, and Exploit4Arab. The tool ca...

6.8 AI score
Exploits 0
RedhatCVE
added 2025/05/23 6:1 a.m. · 2 views

CVE-2023-28399

Incorrect permission assignment for critical resource exists in CONPROSYS HMI System CHS versions prior to 3.5.3. ACL Access Control List is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC whe...

7.8 CVSS · 6.7 AI score · 0.00052 EPSS
Exploits 0 · References 1
Snyk
added 2024/02/08 6:24 p.m. · 1 views

Untrusted Search Path

Overview: Affected versions of this package are vulnerable to Untrusted Search Path due to the improper handling of the .be TEMP folder. An attacker can escalate privileges by monitoring the user's TEMP folder for changes and inserting a malicious DLL into the .be/.Local folder immediately when th...

8.2 CVSS · 7.2 AI score · 0.00049 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/02/08 12:0 a.m. · 3 views

PT-2024-40006 · Microsoft · Wix

Name of the Vulnerable Software and Affected Versions: WiX installer framework affected versions not specified Description: The vulnerability allows an attacker to escalate privileges through DLL redirection attacks. When the bundle is not run as admin, the user's TEMP folder is used, and a utili...

8.2 CVSS · 7 AI score
Exploits 0 · References 3
Positive Technologies
added 2024/02/08 12:0 a.m. · 3 views

PT-2024-40202 · Microsoft · Wix

Name of the Vulnerable Software and Affected Versions: WiX installer framework affected versions not specified Description: The vulnerability allows an attacker to escalate privileges through DLL redirection attacks. When the bundle is not run as admin, the user's TEMP folder is used, and a utili...

8.2 CVSS · 7 AI score
Exploits 0 · References 3
Tenable Nessus
added 2020/02/03 12:0 a.m. · 34 views

Debian DLA-2092-1 : qtbase-opensource-src security update

In Qt5's plugin loader code as found in qtbase-opensource-src, it was possible to side-load plugins from 'the' local folder in addition to a system-widely defined library path. For Debian 8 'Jessie', this problem has been fixed in version 5.3.2+dfsg-4+deb8u4. We recommend that you upgrade your...

5.7 CVSS · 6.6 AI score · 0.0033 EPSS
Exploits 0 · References 3
0day.today
added 2019/09/10 12:0 a.m. · 25 views

Core FTP LE Version 2.2 Build 1935 Buffer Overflow Exploit

!/usr/bin/python Exploit Title: Core FTP LE Version 2.2, build 1935 - Local Buffer Overflow SEH Unicode Vulnerability Details: Core FTP LE Version 2.2, build 1935 is prone to a buffer overflow vulnerability that may result in a DoS user local folder selection pane Vulnerable Software: Core FTP LE...

7.4 AI score
Exploits 0
Packet Storm
added 2019/09/09 12:0 a.m. · 188 views

Core FTP LE Version 2.2 Build 1935 Buffer Overflow

!/usr/bin/python Exploit Title: Core FTP LE Version 2.2, build 1935 - Local Buffer Overflow SEH Unicode Vulnerability Details: Core FTP LE Version 2.2, build 1935 is prone to a buffer overflow vulnerability that may result in a DoS user local folder selection pane Exploit Type : DOS Date:...

0.1 AI score
Exploits 0
OSV
added 2015/09/15 2:55 p.m. · 2 views

MGASA-2015-0372 Updated ipython packages fix CVE-2015-6938

Updated ipython packages fix security vulnerability: In IPython, local folder name was used in HTML templates without escaping, allowing XSS in said pages by carefully crafting folder name and URL to access it CVE-2015-6938...

4.3 CVSS · 5.4 AI score · 0.00861 EPSS
Exploits 1 · References 3
securityvulns
added 2000/11/24 12:0 a.m. · 19 views

Holes in Ghostscript

Symlink vulnerability when creating temporary files; in addition, the local folder is used when searching for dynamic libraries...

0.5 AI score
Exploits 0 · References 1 · Affected Software 1