CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

EUVD•added 2025/10/03 8:7 p.m.•11 views

EUVD-2022-51750

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00756EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 5:23 p.m.•8 views

CVE-2025-5031

A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the component wxapkg File Decompression Handler. The manipulation leads to resource consumption. The attack may be initiated remotely. The complexity of an...

3.1CVSS6.8AI score0.00319EPSS

Exploits0References1

Veracode•added 2025/05/23 4:55 a.m.•6 views

Denial Of Service (DoS)

github.com/ackites/killwxapkg is vulnerable to resource consumption. The vulnerability is due to improper handling of wxapkg file decompression also by unknown processing issues, which allows an attacker to remotely trigger a resource consumption attack with high complexity...

3.1CVSS6.6AI score0.00319EPSS

Exploits0References6Affected Software1

RedhatCVE•added 2025/05/23 4:20 a.m.•3 views

CVE-2023-42526

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Clien...

7.5CVSS7.1AI score0.00218EPSS

Exploits0

RedhatCVE•added 2025/05/23 12:17 a.m.•6 views

CVE-2022-4402

A vulnerability classified as critical has been found in RainyGao DocSys 2.02.37. This affects an unknown part of the component ZIP File Decompression Handler. The manipulation leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to...

7.2CVSS7AI score0.00756EPSS

Exploits0References1

OSV•added 2025/05/21 6:33 p.m.•2 views

GHSA-PQQP-7CP8-VXVF Ackites KillWxapkg Zip Bomb Resource Exhaustion

3.1CVSS7.1AI score0.00319EPSS

Exploits0References6

Github Security Blog•added 2025/05/21 6:33 p.m.•13 views

Ackites KillWxapkg Zip Bomb Resource Exhaustion

3.1CVSS6.8AI score0.00319EPSS

Exploits0References6Affected Software1

NVD•added 2025/05/21 5:15 p.m.•12 views

CVE-2025-5031

3.1CVSS0.00319EPSS

Exploits0References5

Vulnrichment•added 2025/05/21 5:0 p.m.•6 views

CVE-2025-5031 Ackites KillWxapkg wxapkg File Decompression resource consumption

3.1CVSS6.8AI score0.00319EPSS

Exploits0References5

OSV•added 2024/09/23 8:47 p.m.•9 views

GHSA-2WQ5-G96F-MV3V Ouch! allows a segmentation fault due to use of uninitialized memory

When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convertzipdatetime". In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object, the address of the object is changed to the...

5.1CVSS7.1AI score

Exploits0References3

Github Security Blog•added 2024/09/23 8:47 p.m.•8 views

Ouch! allows a segmentation fault due to use of uninitialized memory

7.1AI score

Exploits0References3Affected Software1

OSV•added 2024/09/22 12:0 p.m.•6 views

RUSTSEC-2024-0374 Segmentation fault due to use of uninitialized memory

7.1AI score

Exploits0References3

OSV•added 2023/08/22 7:16 p.m.•4 views

CVE-2020-22916

An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and "denial of service" because decompression of the 17,486 bytes always results in 114,881,179 bytes, which is often a...

5.5CVSS6.5AI score0.00046EPSS

Exploits0References7

Veracode•added 2023/08/19 2:43 a.m.•19 views

Denial Of Service (DoS)

libclamav.so is vulnerable to Denial of Service DoS attacks. The vulnerability is caused by an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding, resulting in denial of service conditions...

7.5CVSS6.6AI score0.005EPSS

Exploits0References6Affected Software2

NVD•added 2022/12/11 8:15 a.m.•12 views

CVE-2022-4402

7.2CVSS0.00756EPSS

Exploits0References3

OSV•added 2022/12/11 8:15 a.m.•1 views

CVE-2022-4402

7.2CVSS5.3AI score0.00756EPSS

Exploits0References3

Cvelist•added 2022/12/11 12:0 a.m.•12 views

CVE-2022-4402 RainyGao DocSys ZIP File Decompression path traversal

4.7CVSS7.3AI score0.00756EPSS

Exploits0References3

CNNVD•added 2022/09/05 12:0 a.m.•1 views

WithSecure Endpoint Protection 安全漏洞

WithSecure Endpoint Protection is a cloud-native, AI-powered endpoint protection from Finland's WithSecure. It can be deployed instantly from a browser and easily managed from a single console. A security vulnerability exists in WithSecure Endpoint Protection, which stems from the fact that...

7.5CVSS7.3AI score0.00343EPSS

Exploits0References4

CNNVD•added 2022/02/09 12:0 a.m.•1 views

F-Secure antivirus engine 安全漏洞

F-secure F-Secure antivirus engine is a security engine from the Finnish company F-Secure F-secure. A security vulnerability exists in F-Secure antivirus engine, which originates from the decompression of an ACE file that causes the scanner service to stop. An attacker can remotely exploit the...

5.3CVSS5.8AI score0.00253EPSS

Exploits0References4

ATTACKERKB•added 2018/10/10 1:29 p.m.•2 views

CVE-2018-8413

A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows...

9.3CVSS6.6AI score0.62884EPSS

Exploits3References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by