3291 matches found

Fedora
added 2019/07/26 1:51 a.m. | 34 views

[SECURITY] Fedora 29 Update: libmspack-0.10.1-0.1.alpha.fc29

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

5.5 CVSS | 2 AI score | 0.01464 EPSS | Exploits 1

Fedora
added 2019/07/26 1:00 a.m. | 42 views

[SECURITY] Fedora 30 Update: libmspack-0.10.1-0.1.alpha.fc30

The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...

5.5 CVSS | 2 AI score | 0.01464 EPSS | Exploits 1

OpenVAS
added 2019/07/26 12:00 a.m. | 23 views

Fedora Update for libmspack FEDORA-2019-6235a32624

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5 CVSS | 6 AI score | 0.01464 EPSS | Exploits 1 | References 2

OpenVAS
added 2019/07/26 12:00 a.m. | 26 views

Fedora Update for libmspack FEDORA-2019-da6be81bd3

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5 CVSS | 6 AI score | 0.01464 EPSS | Exploits 1 | References 2

BDU FSTEC
added 2019/07/04 12:00 a.m. | 3 views

The vulnerability of the GZIP decompression mechanism in the AsyncOS operating system of Cisco Email Security Appliance allows attackers to bypass the configured content filters on the device.

The vulnerability of the GZIP decompression mechanism in the AsyncOS operating system used by Cisco Email Security Appliance exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass the configured content filters on the device by sendin...

5.8 CVSS | 5.5 AI score | 0.01361 EPSS | Exploits 0 | References 4 | Affected Software 1

NVD
added 2019/06/20 3:15 a.m. | 18 views

CVE-2019-1905

A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance ESA could allow an unauthenticated, remote attacker to bypass configured content filters on the device. The vulnerability is due to improper validation of GZIP-formatted files. An attacke...

5.8 CVSS | 5.6 AI score | 0.01361 EPSS | Exploits 0 | References 2

OSV
added 2019/06/19 11:15 p.m. | 2 views

ALPINE-CVE-2019-12900

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors...

9.8 CVSS | 8.8 AI score | 0.08042 EPSS | Exploits 0 | References 1

RedHat Linux
added 2019/06/11 5:33 a.m. | 4 views

rubygems: Delete directory using symlink when decompressing tar

A Directory Traversal issue was discovered in RubyGems 2.7.6 and later through 3.0.2. Before making new directories or touching files which now include path-checking code for symlinks, it would delete the target destination. If that destination was hidden behind a symlink, a malicious gem could...

8.8 CVSS | 7.3 AI score | 0.04212 EPSS | Exploits 1 | References 4

CNVD
added 2019/06/04 12:00 a.m. | 3 views

File Upload Vulnerability in OpenSNS

OpenSNS is a lightweight social user center framework based on OneThink. The system adheres to a minimalist design style and focuses on communication. A file upload vulnerability exists in OpenSNS. The vulnerability arises because the program, when zip files are uploaded, automatically decompresses the zip...

7.2 AI score | Exploits 0

Veracode
added 2019/05/16 4:01 a.m. | 24 views

Unauthorised File Deletion Via Symlink

Ruby is vulnerable to unauthorised file deletion via symlink. It is possible to delete a directory using a symlink when decompressing tar...

7.4 CVSS | 7.8 AI score | 0.04212 EPSS | Exploits 1 | References 8 | Affected Software 11

OpenVAS
added 2019/05/07 12:00 a.m. | 70 views

Fedora Update for libmspack FEDORA-2018-a5953af115

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8 CVSS | 7.4 AI score | 0.03806 EPSS | Exploits 1 | References 2

NVD
added 2019/04/23 2:29 p.m. | 15 views

CVE-2018-20819

io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads...

7.8 CVSS | 8.2 AI score | 0.0098 EPSS | Exploits 1 | References 1

Tenable Nessus
added 2019/04/15 12:00 a.m. | 36 views

openSUSE Security Update : libarchive (openSUSE-2019-1196)

This update for libarchive fixes the following issues : Security issues fixed : - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL pointer Dereference...

8.8 CVSS | 6.2 AI score | 0.04575 EPSS | Exploits 1 | References 12

OSV
added 2019/04/12 7:23 a.m. | 10 views

OPENSUSE-SU-2019:1196-1 Security update for libarchive

This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL Pointer Dereference...

8.8 CVSS | 7.6 AI score | 0.04575 EPSS | Exploits 1 | References 13

BDU FSTEC
added 2019/04/12 12:00 a.m. | 3 views

The vulnerability of the Libmspack library and the CAB-file decompression utility SabExtract, which allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Libmspack library mspack/cab.h and the CAB-file decompression utilities provided by SabExtract are related to memory buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures remotely...

8.6 CVSS | 7.5 AI score | 0.03086 EPSS | Exploits 0 | References 4 | Affected Software 5

OPENSUSE Linux
added 2019/04/12 12:00 a.m. | 239 views

Security update for libarchive (moderate)

openSUSE Security Update: Security update for libarchive Announcement ID: openSUSE-SU-2019:1196-1 Rating: moderate References: 1120653 1120654 1120656 1120659 1124341 1124342 Cross-References: CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000879 CVE-2018-1000880 CVE-2019-1000019 CVE-2019-1000020...

8.8 CVSS | 6.6 AI score | 0.04575 EPSS | Exploits 1 | References 6

Tenable Nessus
added 2019/04/02 12:00 a.m. | 33 views

SUSE SLED15 / SLES15 Security Update : libarchive (SUSE-SU-2019:0831-1)

This update for libarchive fixes the following issues : Security issues fixed : CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 CVE-2018-1000879: Fixed a NULL pointer Dereference...

8.8 CVSS | 6.3 AI score | 0.04575 EPSS | Exploits 1 | References 19

CNVD
added 2019/04/01 12:00 a.m. | 1 views

Long Range Zip Denial of Service Vulnerability (CNVD-2019-14257)

Long Range Zip a.k.a. lrzip is an open source compression utility for large file compression. LZO is one of the lossless data compression algorithms used in... A security vulnerability exists in the 'lzo1xdecompress' function in the liblzo2.so.2 file of LZO version 2.10 used in lrzip version 0.631...

5.5 CVSS | 6.9 AI score | 0.01184 EPSS | Exploits 1 | References 1

myhack58
added 2019/02/22 12:00 a.m. | 276 views

WinRAR has a major, long-standing vulnerability that lets hackers implant malicious programs in the boot process - vulnerability warning - the black bar safety net

Check Point, a foreign security firm, disclosed that the well-known compression software WinRAR contains a long-standing security vulnerability. Once exploited, hackers could implant a malicious app in the user's computer via a boot program. The vulnerability has existed since 2005. WinRAR...

6.8 CVSS | 0.8 AI score | 0.96274 EPSS | Exploits 16

Debian
added 2019/02/07 7:27 p.m. | 156 views

[SECURITY] [DLA 1668-1] libarchive security update

Package : libarchive Version : 3.1.2-11+deb8u7 CVE ID : CVE-2019-1000019 CVE-2019-1000020 Fuzzing found two further file-format specific issues in libarchive, a read-only segfault in 7z, and an infinite loop in ISO9660. CVE-2019-1000019 Out-of-bounds Read vulnerability in 7zip decompression, that...

6.5 CVSS | 6.5 AI score | 0.03407 EPSS | Exploits 1