CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Github Security Blog•added 2026/01/22 10:30 p.m.•6 views

Container and Containerization archive extraction does not guard against escapes from extraction base directory.

Summary The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system...

7.8CVSS5.5AI score0.00012EPSS

Exploits1References3Affected Software2

RedhatCVE•added 2026/01/07 9:43 a.m.•9 views

CVE-1999-0313

diskbandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames...

7.2CVSS7AI score0.00061EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2000-1060

Malware in sbrugna...

10CVSS6.4AI score0.07047EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2002-1029

Malware in sbrugna...

5CVSS6.4AI score0.00502EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2002-1030

Malware in sbrugna...

5CVSS6.4AI score0.0061EPSS

Exploits0References3

RedhatCVE•added 2020/04/07 11:36 a.m.•30 views

CVE-2018-9159

In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark...

5.3CVSS5.1AI score0.00787EPSS

Exploits0References1

Mageia•added 2018/11/17 10:23 p.m.•42 views

Updated libmspack/cabextract packages fix security vulnerabilities

Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service CVE-2018-14679, CVE-2018-14680. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue...

8.8CVSS1.9AI score0.05833EPSS

Exploits2References4

UbuntuCve•added 2018/10/23 2:29 a.m.•22 views

CVE-2018-18586

chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended...

5.3CVSS6.5AI score0.00606EPSS

Exploits1References2

Cvelist•added 2018/10/23 2:0 a.m.•10 views

CVE-2018-18586

5AI score0.00606EPSS

Exploits1References4

Github Security Blog•added 2018/10/19 4:56 p.m.•18 views

Moderate severity vulnerability that affects com.sparkjava:spark-core

5.3CVSS5.2AI score0.00787EPSS

Exploits0References9Affected Software1

RedHat Linux•added 2018/08/14 7:51 p.m.•0 views

spark: Absolute and relative pathnames allow for unintended static file disclosure

5.3CVSS5.9AI score0.00787EPSS

Exploits0References4

RedHat Linux•added 2018/06/26 4:40 p.m.•2 views

spark: Absolute and relative pathnames allow for unintended static file disclosure

5.3CVSS5.9AI score0.00787EPSS

Exploits0References4

Veracode•added 2018/04/02 4:12 a.m.•15 views

Directory Traversal

spark-core is vulnerable to directory traversal attacks. Attackers can access files outside of the intended directory by using relative pathnames and including items such as ../ when performing requests...

5.3CVSS5.7AI score0.00787EPSS

Exploits0References8Affected Software1

OSV•added 2018/03/31 9:29 p.m.•26 views

CVE-2018-9159

5.3CVSS7.1AI score

Exploits0References7

Cvelist•added 2018/03/31 9:0 p.m.•17 views

CVE-2018-9159

5.2AI score0.00787EPSS

Exploits0References7

RedHat Linux•added 2004/04/14 2:0 p.m.•4 views

Moderate: Red Hat Security Advisory: : : : Updated CVS packages fix security issue

Updated cvs packages that fix a client vulnerability that could be exploited by a malicious server are now available. Updated Apr 19 2004 The description text has been updated to include CAN-2004-0405 which was also fixed but not mentioned when this advisory was first released. There has been no...

5CVSS5.8AI score0.04165EPSS

Exploits0

RedHat Linux•added 2004/04/14 1:59 p.m.•24 views

Moderate: Red Hat Security Advisory: cvs security update

5CVSS5.8AI score0.04165EPSS

Exploits0References2