Lucene search
K

63 matches found

OSV
OSV
added 2026/04/28 8:10 a.m.7 views

USN-8214-1 nltk vulnerability

It was discovered that NLTK incorrectly handled file extraction when opening a maliciously crafted zip file. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...

10CVSS8.6AI score0.0079EPSS
Exploits1References2
OSV
OSV
added 2026/03/27 2:7 p.m.6 views

OESA-2026-1771 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

7.5CVSS5.9AI score0.00301EPSS
Exploits1References2
OSV
OSV
added 2026/03/27 2:7 p.m.6 views

OESA-2026-1768 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

7.5CVSS5.9AI score0.00301EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.6 views

yauzl 安全漏洞

Yauzl is a Node.js decompression library developed by Josh Wolfe. Version 3.2.0 of Yauzl contains a security vulnerability, which stems from a minor error in the NTFS extended timestamp parser. This vulnerability may lead to a denial-of-service attack when processing specially crafted ZIP files...

6.9CVSS5.8AI score0.00485EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.7 views

NLTK 安全漏洞

NLTK is an open-source natural language toolkit developed by NLTK. It is used to support research and development in natural language processing. NLTK has a security vulnerability that stems from the unzipiter function using zipfile.extractall without performing path validation or security checks...

10CVSS7.6AI score0.0079EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-15924

Malware in sbrugna...

5.5CVSS5.5AI score0.00656EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-7983

Malware in sbrugna...

7.8CVSS7AI score0.07448EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-46646

Malicious code in bioql PyPI...

7.1CVSS4.2AI score0.23043EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1146

Malicious code in bioql PyPI...

5.5CVSS5.9AI score0.00698EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-29768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because ...

4.4CVSS4.8AI score0.00342EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/25 3:59 p.m.3 views

CVE-2014-125119 WinRAR < 5.00 Filename Spoofing RCE

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the file name from the Central Directory is displayed to the use...

8.4CVSS7.7AI score0.01495EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2025/03/25 7:0 a.m.1 views

Vim vulnerable to potential data loss with zip.vim and special crafted zip files

...

4.4CVSS4.2AI score0.00342EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/03/14 2:56 a.m.4 views

SUSE CVE-2025-29768

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...

6.1CVSS6.8AI score0.00342EPSS
Exploits0References6
OSV
OSV
added 2025/03/13 5:15 p.m.9 views

AZL-58632 CVE-2025-29768 affecting package vim for versions less than 9.1.1198-1

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...

4.4CVSS6.1AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2025/03/13 5:15 p.m.2 views

ALPINE-CVE-2025-29768

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...

4.4CVSS6.8AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2025/03/13 5:15 p.m.3 views

UBUNTU-CVE-2025-29768

Vim, a text editor, is vulnerable to potential data loss with zip.vim and special crafted zip files in versions prior to 9.1.1198. The impact is medium because a user must be made to view such an archive with Vim and then press 'x' on such a strange filename. The issue has been fixed as of Vim...

4.4CVSS6.1AI score0.00342EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/13 12:0 a.m.1 views

Vim 参数注入漏洞

Vim is a cross-platform text editor from the Vim open source. A parameter injection vulnerability exists in Vim versions prior to 9.1.1198, which stems from zip.vim and specially crafted zip files that may result in data loss...

4.4CVSS4.3AI score0.00342EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/13 12:0 a.m.18 views

FreeBSD : vim -- potential data loss with zip.vim and specially crafted zip files (9cf03c96-ffa5-11ef-bb15-002590af0794)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9cf03c96-ffa5-11ef-bb15-002590af0794 advisory. Vim reports: See https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf Tenable has extract...

4.4CVSS5AI score0.00342EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/28 12:30 a.m.9 views

CVE-2025-25784

An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file...

9.8CVSS7.7AI score0.00998EPSS
Exploits1References1
Mageia
Mageia
added 2025/02/14 10:55 p.m.19 views

Updated python-zipp packages fix security vulnerability

Denial of Service via crafted zip file in jaraco/zipp. CVE-2024-5569...

6.2CVSS6.7AI score0.00236EPSS
Exploits0References2
Rows per page
Query Builder