22 matches found
EUVD-2025-20339
Malicious code in bioql PyPI...
EUVD-2022-30668
Malicious code in bioql PyPI...
CVE-2025-43001
SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by tampering with sign...
CVE-2025-42970
SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system,...
CVE-2025-42971
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file...
CVE-2025-43001
SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by tampering with sign...
CVE-2025-42992
SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in SAPCAR. This could enable the attacker to exploit critical files and directory permissions without breaking signature validation, resulting in potential privilege escalation. This has high impact on...
CVE-2025-42970
SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system,...
CVE-2025-42971
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file...
CVE-2025-43001
CVE-2025-43001 describes a privilege-escalation flaw in SAPCAR. An attacker with high privileges can override the permissions of the current and parent directories when extracting archives, enabling modification of critical files by tampering with signed archives without breaking signatures. The ...
CVE-2025-42992
CVE-2025-42992 describes a privilege-escalation in SAPCAR where a user with high privileges can craft a malicious SAR archive, potentially manipulating files/directories without breaking signature validation. Affected component is SAPCAR (SAR archives); root cause is improper handling/validation ...
CVE-2025-42971 Memory Corruption vulnerability in SAPCAR
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file...
CVE-2025-42971 Memory Corruption vulnerability in SAPCAR
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file...
CVE-2025-42971
The CVE-2025-42971 entry describes a memory corruption in SAPCAR where an attacker can craft malicious SAPCAR archives. When a high-privilege user extracts such an archive, SAPCAR processes it and may perform out-of-bounds memory reads/writes, potentially allowing file extraction and overwriting ...
CVE-2025-42970 Directory Traversal vulnerability in SAPCAR
SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system,...
CVE-2025-42970
CVE-2025-42970 affects SAPCAR: vulnerability arises from improper sanitization of file paths during extraction, enabling a malicious archive with directory traversal sequences. When a high-privilege user extracts such an archive, SAPCAR processes it and files can be extracted outside the intended...
SAP SAPCAR buffer error vulnerability
SAPCAR is a utility from SAP (Germany) for compressing and/or decompressing SAP archive files. A buffer error vulnerability exists in SAP SAPCAR that stems from a memory corruption that could result in out-of-bounds memory reads and writes...
PT-2025-28300 · Sap · Sapcar
Name of the Vulnerable Software and Affected Versions: SAPCAR (affected versions not specified). Description: The issue allows an attacker with high privileges to create a malicious SAR archive in SAPCAR, potentially enabling them to exploit critical files and directory permissions without breaking...
PT-2025-28301 · Sap · Sapcar
Name of the Vulnerable Software and Affected Versions: SAPCAR (affected versions not specified). Description: The issue allows an attacker with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege...
PT-2025-28290 · Sap · Sapcar
Name of the Vulnerable Software and Affected Versions: SAPCAR (affected versions not specified). Description: A memory corruption issue exists, allowing an attacker to create malicious SAPCAR archives. When a high-privileged victim extracts this archive, it can lead to out-of-bounds memory read and...