MiracleLinux 8 : libarchive-3.3.3-3.el8 (AXSA:2022-3102:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3102:01 advisory. libarchive: extracting a symlink with ACLs modifies ACLs of target CVE-2021-23177 libarchive: symbolic links incorrectly followed when changing mode...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2025:02778-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02778-1 advisory. - CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler...

PT-2025-23609

Name of the Vulnerable Software and Affected Versions Python versions 3.12 and later Description The issue allows the extraction filter to be ignored, enabling symlink targets to point outside the destination directory and the modification of some file metadata. This affects users who utilize the...

SUSE-SU-2024:0305-1 Security update for cpio

This update for cpio fixes the following issues: - Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 bsc1218571, bsc1219238...

SUSE-SU-2016:2895-1 Security update for tar

This update for tar fixes the following issues: - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321...

[Full-Disclosure] unace-1.2b multiple buffer overflows and directory traversal bugs

I have found multiple security vulnerabilities in unace-1.2b. It is the last free version. The later versions are just binaries for the x86 processor, which is unhelpful if you want to use free software or if your computer has a non-x86 processor. There are two buffer overflows when extracting,...

cabextract -- insecure directory handling

cabextract has insufficient checks for file names that contain ../. This can cause files to be extracted to the parent directory...

SECURITY.NNOV: special devices access in multiple archivers

Hello, Topic: Special devices access in multiple archivers Author: 3APA3A [email protected] Platform: Windows Affected Software: WinZIP Computing's WinZIP 8.0, PKWare PkZip 4.0, RARSoft WinRar 2.80 Risk: average Released: July, 5, 2001 SECURITY.NNOV advisories:...

Multiple archivers special DOS/Windows devices access

Topic: Special devices access in multiple archivers Author: 3APA3A Platform: Windows Affected Software: WinZIP Computing's WinZIP 8.0, PKWare PkZip 4.0, RARSoft WinRar 2.80 Risk: average Released: July, 5, 2001 SECURITY.NNOV advisories: http://security.nnov.ru/advisories Background: Archive...