Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.10 views

PT-2026-48838

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

5.4AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.5 views

CVE-2020-7506

A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure...

7.5CVSS6.8AI score0.0131EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28631

Malware in sbrugna...

7.5CVSS7.6AI score0.0131EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2016:2895-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.15155EPSS
Exploits3References4
OSV
OSV
added 2020/06/16 8:15 p.m.5 views

CVE-2020-7506

A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure...

7.5CVSS7.1AI score0.0131EPSS
Exploits0References1
Prion
Prion
added 2020/06/16 8:15 p.m.19 views

Information disclosure

A CWE-200: Information Exposure vulnerability exists in Easergy T300, Firmware V1.5.2 and prior, which could allow an attacker to pack or unpack the archive with the firmware for the controller and modules using the usual tar archiver resulting in an information exposure...

5CVSS7.4AI score0.0131EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/10/25 12:0 a.m.46 views

FreeBSD : FreeBSD -- Multiple vulnerabilities in bzip2 (3c7edc7a-f680-11e9-a87f-a4badb2f4699)

The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip21 file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip21 file. Impact : An attacker who can cause...

9.3CVSS8.1AI score0.15831EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/12/06 12:0 a.m.34 views

openSUSE Security Update : tar (openSUSE-2016-1401)

This update for tar fixes the following issues : - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321 - Fix Amanda integration iss...

7.5CVSS7.4AI score0.15155EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2016/11/25 12:0 a.m.27 views

SUSE SLED12 / SLES12 Security Update : tar (SUSE-SU-2016:2896-1)

This update for tar fixes the following issues : - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path names specified on the command line bsc1007188 CVE-2016-6321 - Fix Amanda integration iss...

7.5CVSS7.4AI score0.15155EPSS
Exploits3References5
Rows per page
Query Builder