Lucene search
K

6 matches found

Cvelist
Cvelist
added 2023/11/30 1:26 p.m.33 views

CVE-2023-5965 Unrestricted Upload of File with Dangerous Type in EspoCRM

An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution...

4.7CVSS9.3AI score0.01049EPSS
Exploits0References1
Mageia
Mageia
added 2022/10/18 11:14 p.m.45 views

Updated unzip packages fix security vulnerability

Improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. CVE-2021-4217 Conversion of a wide string to a local string that leads to a heap of out-of-bound write. Thi...

5.5CVSS3AI score0.02421EPSS
Exploits3References9
OPENSUSE Linux
OPENSUSE Linux
added 2021/08/10 12:0 a.m.76 views

Security update for apache-commons-compress (important)

openSUSE Security Update: Security update for apache-commons-compress Announcement ID: openSUSE-SU-2021:1115-1 Rating: important References: 1188463 1188464 1188465 1188466 Cross-References: CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090 CVSS scores: CVE-2021-35515 NVD : 7.5...

7.5CVSS6.7AI score0.13292EPSS
Exploits0References4
Cent OS
Cent OS
added 2018/06/14 3:10 p.m.134 views

plexus security update

CentOS Errata and Security Advisory CESA-2018:1836 An update for plexus-archiver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

5.5CVSS6.8AI score0.13179EPSS
Exploits1References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.151 views

globalSCAPE CuteZIP Stack Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex/zip' cla...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/04/11 12:0 a.m.32 views

GLSA-200804-06 : UnZip: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200804-06 UnZip: User-assisted execution of arbitrary code Tavis Ormandy of the Google Security Team discovered that the NEEDBITS macro in the inflatedynamic function in the file inflate.c can be invoked using invalid buffers, whi...

9.3CVSS6.2AI score0.0629EPSS
Exploits1References2
Rows per page
Query Builder