4111 matches found
CVE-2025-10156
An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file with a bad Cyclic Redundancy Check (CRC), which causes the...
PYSEC-2025-152
An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file with a bad Cyclic Redundancy Check (CRC), which causes the...
CVE-2025-10156 PickleScan Security Bypass via Bad CRC in ZIP Archive
An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file with a bad Cyclic Redundancy Check (CRC), which causes the...
CVE-2025-10156
CVE-2025-10156 concerns the ZIP archive scanning component of mmaitre314 picklescan. The issue is an improper handling of exceptional conditions: crafting a ZIP with a file having a bad CRC can cause the scanner to halt analysis of contents, leading to a file marked as safe being loaded and the e...
CVE-2025-10156 PickleScan Security Bypass via Bad CRC in ZIP Archive
An Improper Handling of Exceptional Conditions vulnerability in the ZIP archive scanning component of mmaitre314 picklescan allows a remote attacker to bypass security scans. This is achieved by crafting a ZIP archive containing a file with a bad Cyclic Redundancy Check (CRC), which causes the...
CVE-2025-10155 PickleScan Security Bypass Using Misleading File Extension
An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file extension. When the pickle file incorrectly...
CVE-2025-10155
CVE-2025-10155 affects the Python tool picklescan by mmaitre314 (versions up to 0.0.30). The root cause is an Improper Input Validation issue in the scanning logic, which allows a standard pickle file with a PyTorch-related file extension to be treated as safe and loaded, enabling remote code exe...
PT-2025-38191
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel where the early_init_dt_scan_memory() function did not distinguish between successful and unsuccessful memory setup. This caused subsequent memory...
picklescan security vulnerability
picklescan is a security scanning program by the individual developer Matthieu Maitre. A security vulnerability exists in picklescan that stems from improper handling of exception conditions by the ZIP archive scanning component, which could lead to bypassing a security scan and executing malicio...
Linux Distros Unpatched Vulnerability : CVE-2022-50306
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than...
SUSE CVE-2022-50307
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cio_ignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cio_ignore list using a command such as: echo free /proc/cio_ignore Since ...
DEBIAN-CVE-2022-50306
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than EXT4_FC_TAG_BASE_LEN which will lead to out of bound read when mounting corrupt file...
UBUNTU-CVE-2022-50306
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than EXT4_FC_TAG_BASE_LEN which will lead to out of bound read when mounting corrupt file...
CVE-2022-50307 s390/cio: fix out-of-bounds access on cio_ignore free
In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix out-of-bounds access on cio_ignore free The channel-subsystem-driver scans for newly available devices whenever device-IDs are removed from the cio_ignore list using a command such as: echo free /proc/cio_ignore Since ...
CVE-2022-50307
In CVE-2022-50307, the Linux kernel s390/cio subsystem had an out-of-bounds read during cio_ignore free scans. The bug arose from an optimization that excluded online devices from scans, incorrectly assuming I/O-subchannel drvdata pointed to a private struct, which is invalid for devices bound to...
CVE-2022-50306 ext4: fix potential out of bound read in ext4_fc_replay_scan()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than EXT4_FC_TAG_BASE_LEN which will lead to out of bound read when mounting corrupt file...
CVE-2022-50306 ext4: fix potential out of bound read in ext4_fc_replay_scan()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than EXT4_FC_TAG_BASE_LEN which will lead to out of bound read when mounting corrupt file...
CVE-2022-50306
CVE-2022-50306 concerns a Linux kernel issue in ext4 where ext4_fc_replay_scan() could perform an out-of-bounds read during journal scan if the remaining space is smaller than EXT4_FC_TAG_BASE_LEN. The root cause is insufficient bounds checking for the three journal scan tags (ADD_RANGE/HEAD/TAIL...
Vanquish
It is an offensive tool for enumeration. The tool is called Vanquish, and it is designed to perform multiple active information gathering phases on a target system. It is built in Python and leverages various open-source enumeration tools on Kali Linux. The tool can be installed using the command...
Cobaltstrike-MS17-010
This repository is an Aggressor Script for Cobalt Strike targeting the MS17-010 vulnerability. It includes a PowerShell module for scanning and exploiting the vulnerability, as well as a stager for delivering a payload. The script is designed to run on Windows 7 x64 and Windows 2008 R2 systems. T...