12 matches found
EUVD-2009-1269
Malware in sbrugna...
Vim has path traversial issue with tar.vim and special crafted tar files
...
CVE-2025-53905
CVE-2025-53905 affects Vim where, prior to version 9.1.1552, the tar.vim plugin is vulnerable to a path traversal in crafted tar archives. This can allow overwriting arbitrary files when a user opens such archives; exploitation is feasible only with user interaction. Affected behavior includes po...
The vulnerability of the tar.vim plugin for the Vim text editor allows a hacker to execute arbitrary code.
The vulnerability of the tar.vim plugin for the Vim text editor is related to the lack of measures taken at the control level to clean up data. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially created tar files...
MGASA-2025-0089 Updated vim packages fix security vulnerability
Potential code execution with tar.vim and special crafted tar files...
vim -- Potential code execution
vim reports: Summary Potential code execution with tar.vim and special crafted tar files Description Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of compressed or uncompressed tar files. Since commit 129a844 Nov 11, 2024 runtimetar: Update tar.vim to support...
CVE-2024-0406 Mholt/archiver: path traversal vulnerability
A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privilege...
PT-2024-15532 · Unknown · Mholt/Archiver
Name of the Vulnerable Software and Affected Versions: mholt/archiver affected versions not specified Description: A flaw was discovered in the mholt/archiver package, allowing an attacker to create a specially crafted tar file. When unpacked, this file may allow access to restricted files or...
Autolab 路径遍历漏洞
Autolab is a course management service. It supports automatically graded programming assignments. A security vulnerability exists in Autolab 2.10.0 and earlier versions, which stems from a Tar slip vulnerability found in Autolab's MOSS feature that can be exploited by an attacker to upload...
Updated libtar packages fix security vulnerability
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read. CVE-2021-33643 An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger...
CVE-2018-1000888
PEAR ArchiveTar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the ArchiveTar class. There are several file operations with $vheader'filename' as parameter such as fileexists, isfile, isdir, etc. When extract is called without a specific prefix path, we can trigger...
PT-2016-7862 · Gnome +2 · Gnome Structured File Library +2
Name of the Vulnerable Software and Affected Versions: GNOME Structured File Library versions prior to 1.14.41 Description: The issue is related to an error within the tar directory for file function in the gsf-infile-tar.c file, which can be exploited to trigger a Null pointer dereference, causi...