CVE-2021-37538

Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06 allow a remote unauthenticated attacker to execute arbitrary SQL commands via the day, month, or year parameter to the controllers/front/archive.php archive controller, or the idcategory parameter to the...

CVE-2023-45703

HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion...

SUSE CVE-2005-0161

Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing 1 ../ sequences or 2 absolute pathnames...

UBUNTU-CVE-2018-11771

When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite...

UBUNTU-CVE-2018-1324

A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip...