CVE-2026-27710

NanaZip is an open source file archive. Starting in version 5.0.1252.0 and prior to versions 6.0.1638.0 and 6.5.1638.0, a denial-of-service vulnerability exists in NanaZip’s .NET Single File Application parser. A crafted bundle can force an integer underflow in header-size calculation and trigger...

EUVD-2018-3415

Malware in sbrugna...

EUVD-2017-7981

Malware in sbrugna...

EUVD-2014-9620

Malware in sbrugna...

CVE-2024-0911

A flaw was found in indent, a program for formatting C code. This issue may allow an attacker to trick a user into processing a specially crafted file to trigger a heap-based buffer overflow, causing the application to crash...

CVE-2024-0417

A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...

Path traversal

A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...

CVE-2024-0417 DeShang DSShop MemberAuth.php path traversal

A vulnerability, which was classified as critical, was found in DeShang DSShop up to 2.1.5. This affects an unknown part of the file application/home/controller/MemberAuth.php. The manipulation of the argument memberinfo leads to path traversal: '../filedir'. It is possible to initiate the attack...

CVE-2024-0415

CVE-2024-0415 affects DeShang DSMall up to version 6.1.0, where an unknown functionality in Image URL Handler (file: application/home/controller/TaobaoExport.php) allows improper access control. The vulnerability can be exploited remotely and was disclosed publicly. Documented mitigation in PT-20...

CVE-2022-48324

Multiple Cross Site Scripting XSS vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: 1 pesquisa, 2 data, 3 data2, 4 nome, 5 descricao, 6 idDocumentos, 7 id in file application/controllers/Arquivos.php; 8 senha, 9 nomeCliente, 10 contato, 1...

CVE-2022-48325

Multiple Cross Site Scripting XSS vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: 1 year, 2 oldSenha, 3 novaSenha, 4 termo, 5 nome, 6 cnpj, 7 ie, 8 cep, 9 logradouro, 10 numero, 11 bairro, 12 cidade, 13 uf, 14 telefone, 15 email, 16 id,...

CVE-2021-4297

A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runspost of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is...

ccsv Double Free vulnerability

The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact via a crafted file...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from post-release usage in the File API. A remote attacker could exploit this vulnerability to cause a denial of service or execute arbitrary code on the system...

CVE-2021-32491

A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render in tools/ddjvu via crafted djvu file may lead to application crash and other consequences...

Out-of-bounds

A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::hasdata via crafted djvu file may lead to application crash and other consequences...

CVE-2021-3598

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...

CVE-2021-32490

A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds write in function DJVU::filterbv via crafted djvu file may lead to application crash and other consequences...

Amazon Linux 2 : libjpeg-turbo (ALAS-2019-1350)

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service NULL pointer dereference and application crash or execute arbitrary code via a crafted file.CVE-2016-3616 A divide by zero vulnerability has been discovered in libjpeg-turbo in allocsarray function of jmemmgr.c file...

Integer overflow

readujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service application runtime crash because of an integer overflow via a crafted file...