BIT-LIBPYTHON-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value. The offset would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...
SUSE CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value. The offset would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...
UBUNTU-CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value. The offset would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...
CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value. The offset would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...
DEBIAN-CVE-2025-8291
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value. The offset would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...
CVE-2025-8291
CVE-2025-8291 affects the Python standard library's zipfile handling. The Zip64 End of Central Directory (EOCD) Locator offset was not validated to match the expected value, causing the zipfile module to treat the EOCD record as the previous entry in the archive, leading to inconsistent handling ...
Improper Handling of Length Parameter Inconsistency
Overview: Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency in the zipfile module when the End of Central Directory (EOCD) Locator record offset is not properly validated. An attacker can modify a crafted ZIP archive to cause incorrect file...
CVE-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked
The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory (EOCD) Locator record offset value. The offset would not be used to locate the ZIP64 EOCD record; instead, the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...
EUVD-2018-6260
Malware in sbrugna...
EUVD-2021-17236
Malware in sbrugna...
EUVD-2006-0153
Malware in sbrugna...
EUVD-2017-4650
Malware in sbrugna...
PT-2025-41152
Name of the Vulnerable Software and Affected Versions: Python versions prior to 2.3. Description: The 'zipfile' module does not validate the ZIP64 End of Central Directory (EOCD) Locator record offset value, leading to potential discrepancies in how ZIP archives are handled compared to other ZIP...
ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
...
CVE-2025-39943 ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer. If data_offset and data_length of smb_direct_data_transfer struct are invalid, out of bounds issue could happen. This patch validate data_offset and...
SUSE CVE-2025-38715
In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read. This patch introduces is_bnode_offset_valid method that checks the requested offset value. Also, it introduces check_and_correct_requested_length method that checks and correct the requested...
UBUNTU-CVE-2025-38715
In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read. This patch introduces is_bnode_offset_valid method that checks the requested offset value. Also, it introduces check_and_correct_requested_length method that checks and correct the requested...
CVE-2025-38715
Technical details for CVE-2025-38715 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2025-38715 hfs: fix slab-out-of-bounds in hfs_bnode_read()
In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read. This patch introduces is_bnode_offset_valid method that checks the requested offset value. Also, it introduces check_and_correct_requested_length method that checks and correct the requested...
CVE-2025-38715 hfs: fix slab-out-of-bounds in hfs_bnode_read()
In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfs_bnode_read. This patch introduces is_bnode_offset_valid method that checks the requested offset value. Also, it introduces check_and_correct_requested_length method that checks and correct the requested...