4 matches found
CVE-2023-28068
Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a...
Arbitrary File Rewrite
spring-integration-zip is vulnerable to an arbitrary file rewrite, aka a zip slip vulnerability. An incomplete fix of CVE-2018-1263 allows an attacker to send a malicious zip archive (bzip2, tar, xz, war, cpio, 7z) with path traversal filenames, leading to writing of files outside of the target...
Mandrake Linux Security Advisory : cpio (MDKSA-2007:233)
Buffer overflow in the safer_name_suffix function in GNU cpio has unspecified attack vectors and impact, resulting in a crashing stack. This problem is originally found in tar, but affects cpio too, due to similar code fragments (CVE-2007-4476). Directory traversal vulnerability in cpio 2.6 and earli...
CVE-2005-1229
CPIO (GNU cpio) prior to version 2.6 is affected by CVE-2005-1229, a directory-traversal flaw that lets an attacker write to arbitrary directories during extraction via a .. path in an archive. The root cause is that cpio does not sanitise extracted paths (even with --no-absolute-filenames). Cons...