Lucene search
+L

143 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/21 12:42 a.m.3 views

CVE-2026-32044

OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing...

6.7CVSS5.8AI score0.00132EPSS
Exploits0References4
OSV
OSV
added 2026/03/21 12:42 a.m.5 views

CVE-2026-32044 OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation

OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing...

6.7CVSS6AI score0.00132EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : gstreamer1-plugins-good-1.18.4-6.el9 (AXSA:2023-5649:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5649:01 advisory. gstreamer-plugins-good: Potential heap overwrite in gstmatroskademuxaddwvpkheader CVE-2022-1920 gstreamer-plugins-good: Heap-based buffer overflow i...

7.8CVSS5.9AI score0.00497EPSS
Exploits7References8
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.16 views

CVE-2020-10180

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro macOS, Cyber Security macOS, Mobile Security for Android, Smart TV Security,...

9.8CVSS6.9AI score0.01648EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-3774

Malware in sbrugna...

5.8CVSS6.2AI score0.03017EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-2642

Malware in sbrugna...

9.8CVSS9.2AI score0.01648EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-1455

Malware in sbrugna...

7.8CVSS6.1AI score0.02202EPSS
Exploits1References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-7103

Malware in sbrugna...

10CVSS6.4AI score0.02266EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2019-3557

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some...

9.8CVSS8.3AI score0.01711EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.13 views

CVE-2025-54564

uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution as the nobody user...

7.8CVSS6.7AI score0.00186EPSS
Exploits0References1
NVD
NVD
added 2025/08/01 6:15 p.m.11 views

CVE-2025-54564

uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution as the nobody user...

7.8CVSS0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/01 12:0 a.m.4 views

CVE-2025-54564

uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution as the nobody user...

7.4AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/01 12:0 a.m.7 views

PT-2025-31673 · Chargepoint · Chargepoint Home Flex

Name of the Vulnerable Software and Affected Versions: ChargePoint Home Flex version 5.5.4.13 Description: The software does not validate a user-controlled string for bz2 decompression, which can lead to command execution as the nobody user. Recommendations: At the moment, there is no information...

7.8CVSS6.4AI score0.00186EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/11/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2024-0375)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.02286EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2024/07/01 12:0 a.m.29 views

Debian: Security Advisory (DSA-5717-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.5AI score0.12117EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.17 views

openSUSE: Security Advisory for php7 (SUSE-SU-2023:0073-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.9AI score0.02212EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/14 12:0 a.m.14 views

Debian DSA-5425-1 : php8.2 - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5425 advisory. It was discovered that PHP's implementation of SOAP HTTP Digest authentication performed insufficient error validation, which may result in a stack information leak or use...

5.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/14 12:0 a.m.20 views

Debian DSA-5424-1 : php7.4 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5424 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The...

5.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/13 12:0 a.m.21 views

RHEL 9 : gstreamer1-plugins-good (RHSA-2023:2260)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2260 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contai...

7.8CVSS7.9AI score0.00497EPSS
Exploits7References18
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2023:0514-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01408EPSS
Exploits2References6
Rows per page
Query Builder