CVE-2019-11082

core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive...

CVE-2025-0332

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...

Use of uninitialized buffer in rkyv

An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct...