Lucene search
K

340 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.9 views

openSUSE 15 Security Update : ark (openSUSE-SU-2025:0090-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025:0090-1 advisory. - CVE-2024-57966: Disable extraction to absolute path from an archive boo1236737 Tenable has extracted the preceding description block directly from the...

5CVSS5.5AI score0.00271EPSS
Exploits0References4
OSV
OSV
added 2025/03/12 5:29 p.m.7 views

OPENSUSE-SU-2025:0090-1 Security update for ark

This update for ark fixes the following issues: - CVE-2024-57966: Disable extraction to absolute path from an archive boo1236737...

5CVSS6.7AI score0.00271EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/03/12 12:0 a.m.9 views

Security update for ark (important)

openSUSE Security Update: Security update for ark Announcement ID: openSUSE-SU-2025:0090-1 Rating: important References: 1236737 Cross-References: CVE-2024-57966 CVSS scores: CVE-2024-57966 SUSE: 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE...

4.8CVSS7.1AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:39 p.m.17 views

CVE-2025-26970

Improper Control of Generation of Code 'Code Injection' vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a through 1.71.0...

10CVSS7.2AI score0.00626EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2020-24654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a...

4.3CVSS4.7AI score0.01496EPSS
Exploits0References2
OSV
OSV
added 2025/03/03 2:15 p.m.4 views

CVE-2025-26970

Improper Control of Generation of Code 'Code Injection' vulnerability in NotFound Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a before 1.71.0...

9.8CVSS5.8AI score0.00626EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 2:15 p.m.13 views

CVE-2025-26970

Improper Control of Generation of Code 'Code Injection' vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a through 1.71.0...

10CVSS0.00626EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 1:30 p.m.12 views

CVE-2025-26970 WordPress Ark Theme Core plugin < 1.71.0 - Unauthenticated Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a through 1.71.0...

10CVSS8.6AI score0.00626EPSS
Exploits0References1
CVE
CVE
added 2025/03/03 1:30 p.m.138 views

CVE-2025-26970

CVE-2025-26970 : WordPress Ark Theme Core (ark-core)

10CVSS7.2AI score0.00626EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/03 1:30 p.m.23 views

CVE-2025-26970 WordPress Ark Theme Core plugin < 1.71.0 - Unauthenticated Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a through 1.71.0...

10CVSS0.00626EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/03 12:0 a.m.8 views

PT-2025-9479 · Unknown · Ark Theme Core

Name of the Vulnerable Software and Affected Versions: Ark Theme Core versions 1.70.0 and earlier Description: The issue is related to an Improper Control of Generation of Code, also known as 'Code Injection', which allows for code injection in the NotFound Ark Theme Core. Recommendations: For...

10CVSS9.3AI score0.00626EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.9 views

WordPress plugin Ark Theme Core 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

10CVSS8.6AI score0.00626EPSS
Exploits0References3
OSV
OSV
added 2025/03/01 12:40 a.m.5 views

MAL-2025-1644 Malicious code in ark-boostrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03a498b564f81996bedc4aae91489b170bd4479c5e696b00a8e467ecc39f02c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/01 12:40 a.m.3 views

Malicious code in ark-boostrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03a498b564f81996bedc4aae91489b170bd4479c5e696b00a8e467ecc39f02c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Patchstack
Patchstack
added 2025/02/24 9:38 a.m.6 views

WordPress Ark Theme Core plugin < 1.71.0 - Unauthenticated Remote Code Execution (RCE) vulnerability

Unauthenticated Remote Code Execution RCE vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Ark Theme Core versions 1.71.0...

10CVSS7.5AI score0.00626EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/02/21 12:0 a.m.7 views

Slackware: Security Advisory (SSA:2025-051-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.3AI score0.00271EPSS
Exploits0References3
Slackware Linux
Slackware Linux
added 2025/02/20 9:33 p.m.14 views

[slackware-security] ark

New ark packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/ark-21.12.1-i586-2slack15.0.txz: Rebuilt. The ark archive tool in KDE was found to extract to absolute paths if they are present in the...

5CVSS6.9AI score0.00271EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/20 12:0 a.m.6 views

Slackware Linux 15.0 / current ark Vulnerability (SSA:2025-051-01)

The version of ark installed on the remote host is prior to 21.12.1 / 23.08.5. It is, therefore, affected by a vulnerability as referenced in the SSA:2025-051-01 advisory. New ark packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

5CVSS5.6AI score0.00271EPSS
Exploits0References2
OSV
OSV
added 2025/02/14 12:13 p.m.5 views

OESA-2025-1132 ark security update

Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed. Security Fixes: libarchiveplugin.cp...

5CVSS6.9AI score0.00271EPSS
Exploits0References2
OSV
OSV
added 2025/02/14 12:13 p.m.3 views

OESA-2025-1131 ark security update

Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed. Security Fixes: libarchiveplugin.cp...

5CVSS6.9AI score0.00271EPSS
Exploits0References2
Rows per page
Query Builder