Lucene search

13 matches found

CNNVD
added 2026/05/27 12:0 a.m., 5 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of error handling in the rxgxkextracttoken function. When rxgxkdecryptskb returns -ENOME...

CVSS 8.1 | AI score 5.8 | EPSS 0.00053
Exploits: 0 | References: 3
Vulnrichment
added 2026/05/05 7:33 p.m., 5 views

CVE-2026-34527 Sandboxie-Plus EditPassword hash entropy reduced from 160 bits to 80 bits due to incorrect nibble extraction

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit...

CVSS 2 | AI score 5.7 | EPSS 0.00013
Exploits: 0 | References: 1
Cvelist
added 2026/05/05 7:33 p.m., 24 views

CVE-2026-34527 Sandboxie-Plus EditPassword hash entropy reduced from 160 bits to 80 bits due to incorrect nibble extraction

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit...

CVSS 2 | EPSS 0.00013
Exploits: 0 | References: 1
SUSE Linux
added 2026/01/22 9:7 a.m., 6 views

Security update for python3

This update for python3 fixes the following issues: Security fixes: CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter="data" bsc1244032 CVE-2025-4330: Fixed extraction filter bypass for linking outside extraction directory bsc1244060...

CVSS 8.4 | AI score 7.2 | EPSS 0.89361
Exploits: 16 | References: 26
CVE
added 2025/06/03 12:59 p.m., 204 views

CVE-2025-4435

CVE-2025-4435 affects CPython tarfile: when TarFile.errorlevel=0 and a filter is used, the filter-verified members could be extracted instead of skipped. Root cause described as the extraction filter bypassing for errorlevel=0 in affected versions. Impact per CVSS: HIGH (I) with no availability o...

CVSS 7.5 | AI score 7.6 | EPSS 0.00541
Exploits: 1 | References: 11
Debian CVE
added 2025/06/03 12:59 p.m., 7 views

CVE-2025-4435

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...

CVSS 7.5 | AI score 6.4 | EPSS 0.00541
Exploits: 1
Positive Technologies
added 2025/06/03 12:0 a.m., 4 views

PT-2025-23610

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue concerns the behavior of TarFile when extracting with a filter and TarFile.errorlevel = 0. The documented behavior is that any filtered members should be skipped and not extracted...

CVSS 9.4 | AI score 7 | EPSS 0.01639
Exploits: 15 | References: 220
RedhatCVE
added 2025/05/22 8:6 a.m., 6 views

CVE-2019-14022

Error occurs while extracting the ipv6header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8096AU, MDM9205, MDM9206, MDM9607, MDM9640, MDM9650, MSM8905,...

CVSS 7.8 | AI score 7.2 | EPSS 0.00245
Exploits: 0 | References: 1
OpenVAS
added 2025/03/13 12:0 a.m., 14 views

RARLabs WinRAR Multiple Vulnerabilities (Mar 2025) - Windows

WinRAR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rarlab:winrar"; ifdescription...

CVSS 7.5 | AI score 6.9 | EPSS 0.00492
Exploits: 1 | References: 2
GithubExploit
added 2021/10/24 11:17 p.m., 143 views

Exploit for Path Traversal in Microsoft

Fully Weaponized CVE-2021-40444 Malicious docx generator to e...

CVSS 8.8 | AI score 7.9 | EPSS 0.94332
Exploits: 38
Citrix
added 2018/01/04 12:0 a.m., 5 views

RADIUS Group Extraction Failing with Error "Extracted group : Null"

NetScaler unable to extract the group from the Radius server and we get the following response from the Radius server: "Extracted group : Null" in aaad.debug log...

AI score 7
Exploits: 0
Prion
added 2010/06/03 2:30 p.m., 15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta 4.50, and possibly other versions, allow remote attackers to execute arbitrary PHP code via a URL in the csbasepath parameter to (1) docs.php and (2) include/admin/deviceadmin.php. NOTE: the header.php vector is already covered by...

CVSS 7.5 | AI score 7.9 | EPSS 0.00521
Exploits: 0 | References: 2 | Affected Software: 1
Prion
added 2007/08/14 6:17 p.m., 8 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the SERVERDOCUMENTROOT parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable...

CVSS 7.5 | AI score 8.1 | EPSS 0.01221
Exploits: 0 | References: 7 | Affected Software: 1