Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.3 views

PT-2025-44433

Name of the Vulnerable Software and Affected Versions Keras affected versions not specified Description The keras.utils.get file API in Keras is susceptible to a path traversal issue when the extract=True option is used with tar archives. The utility employs Python’s tarfile.extractall function...

8.9CVSS6.5AI score0.00593EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2025/05/22 8:32 p.m.3 views

CVE-2021-35958

TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.getfile is used with extract=True. NOTE: the vendor's position is that tf.keras.utils.getfile is not intended for untrusted archives...

9.1CVSS7.3AI score0.01864EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/04 12:0 a.m.3 views

Exim 缓冲区错误漏洞

Opera Software Opera is a Norwegian web browser from Opera Software that supports multi-window browsing, customizable user interfaces, etc. Exim is an open source messaging agent MTA that runs on Unix systems and is responsible for routing, forwarding, and delivering mail. Exim suffers from a...

9.8CVSS7.9AI score0.02959EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2017/02/13 12:0 a.m.5 views

The vulnerability of the unarj library, which provides data archiving, allows attackers to re-record any files they choose.

The vulnerability of the -x command line option for extracting the unarj library, which handles data archiving, is related to deficiencies in path name restrictions. Exploiting this vulnerability allows a malicious actor to overwrite arbitrary files using an arj archive with file names containing...

5CVSS5.6AI score0.02737EPSS
Exploits0References13Affected Software1
Positive Technologies
Positive Technologies
added 2004/11/16 12:0 a.m.2 views

PT-2004-1119 · Unarj · Unarj

Name of the Vulnerable Software and Affected Versions: unarj affected versions not specified Description: The issue is related to a directory traversal vulnerability in the -x extract command line option. This vulnerability allows remote attackers to overwrite arbitrary files by using an arj...

5CVSS6.2AI score0.02737EPSS
Exploits0References14
Rows per page
Query Builder