Lucene search
K

4 matches found

NVD
NVD
added 2025/06/06 7:15 p.m.7 views

CVE-2025-3485

Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementati...

8.8CVSS0.01781EPSS
Exploits0References2
CVE
CVE
added 2025/06/06 6:50 p.m.47 views

CVE-2025-3485

CVE-2025-3485 describes a directory traversal in Allegra’s extractFileFromZip that fails to validate a user-supplied path before file operations, enabling remote code execution in the current process with network access. Authentication is required to exploit. Root cause: improper path validation ...

8.8CVSS7.5AI score0.01781EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/06/06 6:50 p.m.11 views

CVE-2025-3485 Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability

Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementati...

7.2CVSS0.01781EPSS
Exploits0References2
Circl
Circl
added 2025/04/24 3:0 a.m.12 views

CVE-2025-3485

creationtimestamp| type| source ---|---|--- 2025-04-24 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-254/...

8.8CVSS7.2AI score0.01781EPSS
Exploits0References1
Rows per page
Query Builder