openSUSE 16 Security Update : cargo-c (openSUSE-SU-2026:20060-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20060-1 advisory. - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber:...

SUSE-SU-2026:20096-1 Security update for cargo-c

This update for cargo-c fixes the following issues: - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249012 - CVE-2024-12224: idna: Fixed improper validation of Punycode labels...

Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files

Summary Upon reviewing the MobSF source code, I identified a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the...

CVE-2024-43399

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure...

CVE-2024-43399

MobSF (Mobile Security Framework) prior to version 4.0.7 contains a Zip Slip vulnerability in the Static Libraries analysis when extracting .a files. The mitigation (decoding and string replacement) is bypassable (e.g., using sequences like ....//....//....//), allowing extraction to arbitrary se...

CVE-2024-43399 Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure...

CVE-2024-43399 Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure...

PT-2024-30558 · Unknown · Mobile Security Framework

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.0.7 Description: The issue is related to a flaw in the Static Libraries analysis section of MobSF, specifically during the extraction of .a extension files. The measure intended to prevent Z...

SUSE-SU-2020:1396-1 Security update for zstd

This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. bsc1133297 - Correction in spec file marking the license as documentation. bsc1082318 - Add new package for SLE-15. jscECO-1886...

iDefense Security Advisory 12.14.05: Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow

Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow iDefense Security Advisory 12.14.05 www.idefense.com/application/poi/display?id=353&type=vulnerabilities December 14, 2005 I. BACKGROUND Trend Micro Inc.'s ServerProtect provides antivirus scanning with centralized management of virus...