Lucene search
K

14 matches found

CNNVD
CNNVD
added 2025/09/19 12:0 a.m.5 views

Keras 安全漏洞

Keras is a multi-backend deep learning framework open-sourced by Keras. A security vulnerability exists in Keras that stems from a specially crafted .keras model archive that could trigger arbitrary code execution...

8.6CVSS7.3AI score0.00186EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.40 views

SUSE SLES15 Security Update : libarchive (SUSE-SU-2022:0944-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0944-2 advisory. - CVE-2021-36976: Fixed an invalid memory access that could cause data corruption bsc1188572. Non-security updates: - Updated...

7.5CVSS7.1AI score0.04447EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2023/01/31 5:35 a.m.93 views

CVE-2022-48285

A flaw was found in the JSZip package. Affected versions of JSZip could allow a remote attacker to traverse directories on the system caused by the failure to sanitize filenames when files are loaded with loadAsync, which makes the library vulnerable to a Zip Slip attack. By extracting files from...

7.3CVSS4.7AI score0.01411EPSS
Exploits0References7
Prion
Prion
added 2022/03/28 10:15 p.m.15 views

Directory traversal

An Archive Extraction AKA "Zip Slip vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips the arbitrary upladed zip file without checking filenames. The vulnerability is exploited using a specially crafted archive that holds directory traversal...

4CVSS5.2AI score0.01092EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/11 11:27 a.m.30 views

CVE-2021-37196

A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions = V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS unpacks specially crafted archi...

6.4AI score0.00782EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/22 12:18 a.m.32 views

Security Bulletin: Vulnerability in Apache Commons Compress affects IBM Spectrum Protect Plus (CVE-2019-12402).

Summary A denial of service vulnerability in Apache Commons Compress affects IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-12402 DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by an error in the internal file name encoding algorithm. By choosi...

7.5CVSS2AI score0.16157EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2019/10/31 9:57 p.m.21 views

CVE-2019-16680

A path traversal vulnerability was discovered in the file-roller Archive Manager for GNOME in the way file paths with special characters are sanitized. Archives containing the sequence of characters "../" in a file path may be vulnerable to this flaw. A remote attacker could exploit this flaw by...

4.3CVSS2.7AI score0.02132EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/09/23 12:0 a.m.37 views

EulerOS 2.0 SP5 : libarchive (EulerOS-SA-2019-1973)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger an...

7.5CVSS6.5AI score0.04447EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2019/01/07 9:50 a.m.28 views

CVE-2018-1000879

libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards release v3.3.0 onwards contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archiveacl.c, archiveaclfromtextl that can result in Crash/DoS. This attack appear to be exploitable via the vict...

6.5CVSS5.5AI score0.03367EPSS
Exploits0References2
Prion
Prion
added 2018/06/29 7:29 p.m.16 views

Directory traversal

perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary...

6.4CVSS7.4AI score0.48716EPSS
Exploits0References6Affected Software2
RedhatCVE
RedhatCVE
added 2017/01/31 12:47 p.m.31 views

CVE-2017-5601

An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive...

7.5CVSS6.2AI score0.04447EPSS
Exploits0References1
Prion
Prion
added 2017/01/27 10:59 p.m.20 views

Out-of-bounds

An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive...

5CVSS7.2AI score0.04447EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/01/03 12:0 a.m.37 views

GLSA-201701-03 : libarchive: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201701-03 libarchive: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libarchive. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a...

8.8CVSS7.4AI score0.11992EPSS
Exploits20References34
RedhatCVE
RedhatCVE
added 2016/09/08 11:48 a.m.16 views

CVE-2016-7162

A path traversal flaw was found in file-roller. If a user were tricked into opening a specially crafted archive and clicking on a symbolic link, file deletion could occur...

7.5CVSS2.9AI score0.03328EPSS
Exploits1References1
Rows per page
Query Builder