Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedHat Linux
RedHat Linuxadded 2023/10/26 10:5 a.m.3 views

plexus-archiver: Arbitrary File Creation in AbstractUnArchiver

A flaw was found in the Plexus Archiver. While using AbstractUnArchiver for extracting, an archive might lead to arbitrary file creation and possible remote code execution RCE. Extracting an archive with an entry in the destination directory as a symbolic link whose target does not exist will...

9.8CVSS7.8AI score0.37911EPSS
Exploits1References6
Microsoft CVE
Microsoft CVEadded 2023/07/31 7:0 a.m.2 views

Plexus Archiver vulnerable to Arbitrary File Creation in AbstractUnArchiver

...

9.8CVSS8.3AI score0.37911EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2023/07/25 7:41 p.m.19 views

CVE-2023-37460 Plexus Archiver vulnerable to Arbitrary File Creation in AbstractUnArchiver

Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution...

8.1CVSS9.8AI score0.37911EPSS
Exploits1References3
Cvelist
Cvelistadded 2023/07/25 7:41 p.m.17 views

CVE-2023-37460 Plexus Archiver vulnerable to Arbitrary File Creation in AbstractUnArchiver

Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution...

8.1CVSS10AI score0.37911EPSS
Exploits1References3
OSV
OSVadded 2023/07/25 5:20 p.m.20 views

GHSA-WH3P-FPHP-9H2M Arbitrary File Creation in AbstractUnArchiver

Summary Using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution. Description When extracting an archive with an entry that already exists in the destination directory as a symbolic link whose target does not exist - the...

8.1CVSS9.1AI score0.37911EPSS
Exploits1References5
Github Security Blog
Github Security Blogadded 2023/07/25 5:20 p.m.21 views

Arbitrary File Creation in AbstractUnArchiver

Summary Using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution. Description When extracting an archive with an entry that already exists in the destination directory as a symbolic link whose target does not exist - the...

9.8CVSS7.2AI score0.37911EPSS
Exploits1References5Affected Software1
CNNVD
CNNVDadded 2023/07/25 12:0 a.m.2 views

Plexis Archiver 安全漏洞

archiver is a compression/decompression utility program. A security vulnerability exists in Plexis Archiver versions prior to 4.8.0, which stems from the fact that extracting archives using AbstractUnArchiver can lead to arbitrary file creation and remote code execution...

9.8CVSS8.5AI score0.37911EPSS
Exploits1References5
Rows per page
Query Builder