305 matches found
Denial of service
A Denial-of-Service DoS vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Servic...
F-Secure Atlant 安全漏洞
F-secure Atlant is a platform for building applications that can scan and detect malicious files from the Finnish company F-Secure F-Secure. F-Secure Atlant suffers from a security vulnerability that stems from the fact that the AVRDL unpacking module component used in certain F-Secure products m...
GHSA-62JX-8VMH-4MCW Links in archive can create arbitrary directories
When unpacking a tarball that contains a symlink the tar crate may create directories outside of the directory it's supposed to unpack into. The function errors when it's trying to create a file, but the folders are already created at this point...
Links in archive can create arbitrary directories
When unpacking a tarball that contains a symlink the tar crate may create directories outside of the directory it's supposed to unpack into. The function errors when it's trying to create a file, but the folders are already created at this point...
GHSA-2367-C296-3MP2 Arbitrary file overwrite in tar-rs
When unpacking a tarball with the unpackin-family of functions it's intended that only files within the specified directory are able to be written. Tarballs with hard links or symlinks, however, can be used to overwrite any file on the filesystem. Tarballs can contain multiple entries for the sam...
Arbitrary file overwrite in tar-rs
When unpacking a tarball with the unpackin-family of functions it's intended that only files within the specified directory are able to be written. Tarballs with hard links or symlinks, however, can be used to overwrite any file on the filesystem. Tarballs can contain multiple entries for the sam...
CVE-2021-30881
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. Unpacking a maliciously crafted archive may lead to arbitrary code...
CVE-2021-32825
bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary location...
Design/Logic Flaw
bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary location...
CVE-2021-32825
CVE-2021-32825 pertains to bblfshd, an open-source self-hosted server for source code parsing. The vulnerability, a zipslip flaw in the unpacking routine, arises from unsafe handling of symbolic links, allowing an attacker to read or write outside the designated target folder. Impact can include ...
Path Traversal
bblfshd is an open source self-hosted server for source code parsing. In bblfshd there is a zipslip vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may le...
bblfshd 后置链接漏洞
bblfshd is a cli tool for controlling installed drivers and querying the status of daemons. A backlink vulnerability exists in bblfshd, which stems from the incorrect handling of symbolic links during the unpacking process of the product, and can be exploited by an attacker to write a malicious...
Facebook WhatsApp for Android path traversal vulnerability
Facebook WhatsApp is a mobile application from Facebook, Inc. that uses the Internet to send text messages. A security vulnerability exists in WhatsApp for Android and WhatsApp Business for Android, which stems from a lack of file name validation when unpacking files, and could be exploited to...
Facebook WhatsApp for Android 路径遍历漏洞
Facebook WhatsApp is a mobile application from Facebook, Inc. that uses the Internet to send text messages. A security vulnerability exists in WhatsApp for Android and WhatsApp Business for Android, which stems from a lack of file name validation when unpacking files, and could be exploited to...
ConnMan 缓冲区错误漏洞
Arch Linux ConnMan 1.39 is an application from the Arch Linux community in the United States. It provides Intel's modular network connection manager. A buffer error vulnerability exists in ConnMan that stems from a stack-based buffer overflow when ConnMan is unpacked via NAME, RDATA, or RDLENGTH ...
SUSE: Security Advisory (SUSE-SU-2012:0598-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Revisiting the NSIS-based crypter
This blog post was authored by hasherezade NSIS Nullsoft Scriptable Install System is a framework dedicated to creating software installers. It allows to bundle various elements of an application together i.e. the main executable, used DLLs, configs, along with a script that controls where are th...
GHSA-7QW8-847F-PGGM Improper Locking in github.com/containers/storage
A deadlock vulnerability was found in github.com/containers/storage in versions before 1.28.1. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code indefinite...
The vulnerability of the DNS name resolution function in Nucleus NET TCP/IP allows a attacker to execute arbitrary code.
The vulnerability of the DNS record unpacking function in Nucleus NET TCP/IP is related to a pointer overflow that occurs beyond the allocated memory range. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2020-11247
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...