Acer ListCheck.exe 安全漏洞

Acer ListCheck.exe is a version comparison and system checking tool from Acer Taiwan, China. A security vulnerability exists in Acer ListCheck.exe that originates from a file that can be replaced by a malicious file with the same name, which could result in a local elevation of privilege...

Gohugoio Hugo Operating System Command Injection Vulnerability

Gohugoio Hugo is a framework from the Gohugoio community based on the Go language for rapid generation of static sites. An operating system command injection vulnerability exists in Hugo versions prior to 0.79.1, which stems from the fact that if a malicious file exe or bat of the same name is...

The vulnerability of the Archive::Tar module in the Perl programming language allows a hacker to bypass established access controls and compromise the integrity of information.

The vulnerability of the Archive::Tar module in the Perl programming language is related to a flaw in the mechanism for protecting against directory traversal attacks. Exploiting this vulnerability allows an attacker to bypass established access controls and re-record any file through an archive...

ALPINE-CVE-2018-12015

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name...