
6 matches found

OSV
added 2026/05/21 5:11 p.m., 2 views

GHSA-763J-3P5V-JFC6 androidqf: APK download Path Traversal in device APK paths

Summary: During device acquisition, getPathToLocalCopy constructs local filesystem paths for downloaded APKs using a filename component extracted by extractFileName. The extraction splits on ==/ and takes the remainder without sanitization. If a compromised device returns a crafted APK path...

4.8 CVSS, 5.9 AI score
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2006-4106

Malware in sbrugna...

5.1 CVSS, 6.4 AI score, 0.01993 EPSS
Exploits 1, References 10
CVE
added 2024/12/06 9:37 a.m., 240 views

CVE-2024-53142

CVE-2024-53142: Linux kernel initramfs fix for filename buffer overrun. Root cause: during initramfs cpio extraction, the do_name() path passed a non-zero-terminated filename to kernel file operations, allowing trailing bytes from uninitialized memory to be incorporated into a created path. Impac...

7.8 CVSS, 6.9 AI score, 0.0002 EPSS
Exploits 0, References 11, Affected Software 1
OPENSUSE Linux
added 2020/06/08 12:0 a.m., 57 views

Security update for axel (moderate)

openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...

5.9 CVSS, 6.2 AI score, 0.00576 EPSS
Exploits 1, References 1
Tenable Nessus
added 2020/06/08 12:0 a.m., 31 views

openSUSE Security Update : axel (openSUSE-2020-778)

This update for axel fixes the following issues: axel was updated to 2.17.8: - CVE-2020-13614: SSL Certificate Hostnames were not verified (boo#1172159) - Replaced progressbar line clearing with terminal control sequence - Fixed parsing of Content-Disposition HTTP header - Fixed User-Agent HTTP...

5.9 CVSS, 6.2 AI score, 0.00576 EPSS
Exploits 1, References 2
NVD
added 2006/08/14 9:4 p.m., 14 views

CVE-2006-4116

Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in (1) an LHZ archive, when saving the filename during extraction; and (2) an LHZ archive with an invalid CRC checksum, when constructing an error message...

5.1 CVSS, 7.5 AI score, 0.01993 EPSS
Exploits 1, References 9