Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-1269

Malware in sbrugna...

7.8CVSS6AI score0.05067EPSS
Exploits0References16
Microsoft CVE
Microsoft CVE
added 2025/08/06 7:0 a.m.4 views

Vim has path traversial issue with tar.vim and special crafted tar files

...

4.1CVSS7AI score0.00242EPSS
Exploits1
CVE
CVE
added 2025/07/15 8:48 p.m.62 views

CVE-2025-53905

CVE-2025-53905 affects Vim where, prior to version 9.1.1552, the tar.vim plugin is vulnerable to a path traversal in crafted tar archives. This can allow overwriting arbitrary files when a user opens such archives; exploitation is feasible only with user interaction. Affected behavior includes po...

4.1CVSS7.3AI score0.00242EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/28 12:0 a.m.10 views

The vulnerability of the tar.vim plugin for the Vim text editor allows a hacker to execute arbitrary code.

The vulnerability of the tar.vim plugin for the Vim text editor is related to the lack of measures taken at the control level to clean up data. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially created tar files...

7.1CVSS6.6AI score0.20775EPSS
Exploits0References8Affected Software8
OSV
OSV
added 2025/03/06 5:56 p.m.8 views

MGASA-2025-0089 Updated vim packages fix security vulnerability

Potential code execution with tar.vim and special crafted tar files...

7.1CVSS7.7AI score0.20775EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2025/03/02 12:0 a.m.8 views

vim -- Potential code execution

vim reports: Summary Potential code execution with tar.vim and special crafted tar files Description Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Since commit 129a844 Nov 11, 2024 runtimetar: Update tar.vim to support...

7.9AI score
Exploits0References1
Cvelist
Cvelist
added 2024/04/06 4:11 p.m.36 views

CVE-2024-0406 Mholt/archiver: path traversal vulnerability

A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privilege...

6.1CVSS6.3AI score0.00928EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/02/01 12:0 a.m.5 views

PT-2024-15532 · Unknown · Mholt/Archiver

Name of the Vulnerable Software and Affected Versions: mholt/archiver affected versions not specified Description: A flaw was discovered in the mholt/archiver package, allowing an attacker to create a specially crafted tar file. When unpacked, this file may allow access to restricted files or...

7.8CVSS8.6AI score0.00928EPSS
Exploits1References28
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.5 views

Autolab 路径遍历漏洞

Autolab is a course management service. It supports automatically graded programming assignments. A security vulnerability exists in Autolab 2.10.0 and earlier versions, which stems from a Tar slip vulnerability found in Autolab's MOSS feature that can be exploited by an attacker to upload...

7.2CVSS7AI score0.00887EPSS
Exploits0References3
Mageia
Mageia
added 2022/09/16 7:39 p.m.40 views

Updated libtar packages fix security vulnerability

An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read. CVE-2021-33643 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger...

9.1CVSS2.1AI score0.01431EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/12/28 12:0 a.m.37 views

CVE-2018-1000888

PEAR ArchiveTar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the ArchiveTar class. There are several file operations with $vheader'filename' as parameter such as fileexists, isfile, isdir, etc. When extract is called without a specific prefix path, we can trigger...

8.8CVSS7.2AI score0.19207EPSS
Exploits5References6
Positive Technologies
Positive Technologies
added 2016/12/06 12:0 a.m.3 views

PT-2016-7862 · Gnome +2 · Gnome Structured File Library +2

Name of the Vulnerable Software and Affected Versions: GNOME Structured File Library versions prior to 1.14.41 Description: The issue is related to an error within the tar directory for file function in the gsf-infile-tar.c file, which can be exploited to trigger a Null pointer dereference, causi...

8.4CVSS5.6AI score0.0133EPSS
Exploits0References44
Rows per page
Query Builder