Lucene search
K

11 matches found

Ubuntu
Ubuntu
added 2024/10/14 12:54 p.m.24 views

USN-7015-4: Python vulnerability

USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special...

5.3CVSS6.8AI score0.02507EPSS
Exploits1
Ubuntu
Ubuntu
added 2024/09/16 12:15 p.m.252 views

USN-7015-1: Python vulnerabilities

It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. CVE-2023-27043 It was discovered that Python allowed excessive backtracking while parsing...

8.7CVSS6.8AI score0.02507EPSS
Exploits4
Debian
Debian
added 2022/05/27 11:32 a.m.18 views

[SECURITY] [DLA 3030-1] zipios++ security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3030-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 27, 2022 https://wiki.debian.org/LTS -...

6.5CVSS6.5AI score0.02026EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/02/03 4:10 p.m.3 views

golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)

A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. An attacker capable of submitting a crafted ZIP file to a Go application using archive/zip to process that file could...

7.5CVSS7.1AI score0.06934EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/09/16 3:24 p.m.3 views

golang: archive/zip: malformed archive may cause panic or memory exhaustion

A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...

7.5CVSS7.1AI score0.03464EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/08/10 4:13 p.m.6 views

golang: archive/zip: malformed archive may cause panic or memory exhaustion

A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...

7.5CVSS7.1AI score0.03464EPSS
Exploits1References5
OSV
OSV
added 2019/07/15 2:37 p.m.3 views

USN-4057-1 Zipios vulnerability

Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. CVE-2019-13453...

6.5CVSS6.6AI score0.02026EPSS
Exploits0References2
OSV
OSV
added 2018/07/03 12:47 p.m.3 views

USN-3699-1 zziplib vulnerabilities

It was discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.5CVSS6.6AI score0.02854EPSS
Exploits7References8
OSV
OSV
added 2017/06/15 3:7 p.m.5 views

USN-3320-1 zziplib vulnerabilities

Agostino Sarubbo discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code...

5.5CVSS6.2AI score0.02078EPSS
Exploits8References8
securityvulns
securityvulns
added 2011/10/10 12:0 a.m.42 views

Medium severity flaw with Ark

I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of the temporary file name. Whilst this doe...

6.8CVSS0.7AI score0.02952EPSS
Exploits2
FreeBSD
FreeBSD
added 2005/01/27 12:0 a.m.32 views

clamav -- zip handling DoS vulnerability

The clamav daemon is vulnerable to a DoS vulnerability due to insufficient handling of malformed zip files which can crash the clamav daemon...

5CVSS6.4AI score0.02547EPSS
Exploits0References1
Rows per page
Query Builder