*Rockwell Automation AADvance-Trusted SIS Workstation *

RISK EVALUATION Successful exploitation of this vulnerability may allow remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...

EUVD-2018-0529

Malware in sbrugna...

CVE-2024-48510

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2018-1002205

DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Security Bulletin: A vulnerability in DotNetZip affects IBM Robotic Process Automation and could allow an attacker to execute arbitrary code (CVE-2024-48510).

Summary A vulnerability in DotNetZip affects IBM Robotic Process Automation and could allow an attacker to execute arbitrary code. DotNetZip was used by IBM Robotic Process Automation for compression. This library has been replaced. This bulletin identifies the fixes required to resolve the...

Siemens SiPass Integrated Third-Party Component DotNetZip Directory Traversal Vulnerability

Siemens SiPass integrated is a powerful and flexible access control system for organizations of all sizes, from simple offices to large complex facilities containing thousands of doors, gates, barriers and elevators. A directory traversal vulnerability exists in DotNetZip, a third-party component...

Directory Traversal

dotnetzip is vulnerable to Directory Traversal. The vulnerability is due to improper validation of file paths during extraction in the src/Zip.Shared/ZipEntry.Extract.cs component, allowing remote attackers to execute arbitrary code...

GHSA-XHG6-9J5J-W4VF DotNetZip Directory Traversal vulnerability

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component...

DotNetZip Directory Traversal vulnerability

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component...

CVE-2024-48510

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2024-48510

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2024-48510

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

PT-2024-33129 · Abb · Abb Drive Composer

Name of the Vulnerable Software and Affected Versions: DotNetZip versions 1.16.0 and earlier ABB Drive Composer versions prior to 2.9.1 Description: The issue allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component. This affects products that are no...

DotNetZip 路径遍历漏洞

DotNetZip is a tool by Henrik Feldt, a personal developer. NET library provided for working with ZIP files. A security vulnerability exists in DotNetZip v1.16.0 and earlier versions, which stems from the presence of a directory traversal vulnerability that allows remote attackers to execute...

CVE-2024-48510

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

CVE-2024-48510

The CVE-2024-48510 is a directory traversal vulnerability in DotNetZip v1.16.0 and earlier that may allow remote code execution via the ZipEntry.Extract.cs component. Multiple connected advisories confirm the affected library is used in various products (e.g., IBM Robotic Process Automation, Siem...

GHSA-7378-6268-4278 DotNetZip Zip-Slip Vulnerability

DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

DotNetZip Zip-Slip Vulnerability

DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

DotNetZip.Semvered Directory Traversal Vulnerability

DotNetZip.Semvered is a library for working with zip files, which is used to create, extract or update zip files. A directory traversal vulnerability exists in DotNetZip.Semvered versions prior to 1.11.0. An attacker can exploit this vulnerability to write arbitrary files with a specially crafted...

CVE-2018-1002205

CVE-2018-1002205 affects DotNetZip.Semvered before 1.11.0. It is a Zip-Slip directory traversal vulnerability where a crafted archive entry containing ../ can be mishandled during extraction, enabling writing to arbitrary files on the target system. Root cause is improper handling of pathnames du...