1231 matches found
tracker-miners: sandbox escape
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
tracker-miners: sandbox escape
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
tracker-miners: sandbox escape
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
tracker-miners: sandbox escape
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
tracker-miners: sandbox escape
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
tracker-miners: sandbox escape
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...
DEBIAN-CVE-2023-48090
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extractattributes mediatools/m3u8.c:329...
CVE-2023-48090
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extractattributes mediatools/m3u8.c:329...
UBUNTU-CVE-2023-48090
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extractattributes mediatools/m3u8.c:329...
PT-2023-8887 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev617-g671976fcc-master Description: The issue is related to a memory leak in the extract attributes function, located in media tools/m3u8.c:329, which can lead to a denial of service. This is due to the lack of memory...
CVE-2023-5245
FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...
python: tarfile module directory traversal
A flaw was found in the Python tarfile module. Extracting a crafted TAR archive with the tarfile.extract or tarfile.extractall functions could lead to a directory traversal vulnerability, resulting in overwrite of arbitrary files...
VulnCheck KEV: CVE-2022-4063
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers...
python: tarfile module directory traversal
A flaw was found in the Python tarfile module. Extracting a crafted TAR archive with the tarfile.extract or tarfile.extractall functions could lead to a directory traversal vulnerability, resulting in overwrite of arbitrary files...
MAL-2023-8481 Malicious code in extract-react-types-mono-repo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97291f1a69bcf0454ce9436e0b9962597636b4422b1a88ff5272fdd93d91c165 The OpenSSF Package Analysis project identified 'extract-react-types-mono-repo' @ 0.0.2 npm as malicious. It is considered malicious because: -...
Malicious code in extract-react-types-mono-repo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97291f1a69bcf0454ce9436e0b9962597636b4422b1a88ff5272fdd93d91c165 The OpenSSF Package Analysis project identified 'extract-react-types-mono-repo' @ 0.0.2 npm as malicious. It is considered malicious because: -...
python: tarfile module directory traversal
A flaw was found in the Python tarfile module. Extracting a crafted TAR archive with the tarfile.extract or tarfile.extractall functions could lead to a directory traversal vulnerability, resulting in overwrite of arbitrary files...
python: tarfile module directory traversal
A flaw was found in the Python tarfile module. Extracting a crafted TAR archive with the tarfile.extract or tarfile.extractall functions could lead to a directory traversal vulnerability, resulting in overwrite of arbitrary files...
CVE-2023-3164
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...
Teams_Dump - PoC For Dumping And Decrypting Cookies In The Latest Version Of Microsoft Teams
PoC for dumping and decrypting cookies in the latest version of Microsoft Teams extract.py just dumps without arguments extract.exe is just extract.py packed into an exe List values in the database python.exe .\teamsdump.py teams --list Table: meta Columns in meta: key, value...