Lucene search
K

4 matches found

Debian CVE
Debian CVE
added 2026/05/05 12:51 a.m.5 views

CVE-2026-44029

An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...

5.3CVSS5.9AI score0.00573EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/01/22 4:2 a.m.3 views

CVE-2026-24049 wheel Allows Arbitrary File Permission Modification via Path Traversal

wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the...

7.1CVSS6.3AI score0.00311EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/05/22 2:59 a.m.6 views

CVE-2018-10515

In CMS Made Simple CMSMS through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive...

7.2CVSS7.9AI score0.02425EPSS
Exploits1References1
Prion
Prion
added 2017/06/04 11:29 p.m.13 views

Directory traversal

Directory Traversal exists in RAR 4.x and 5.x because an unpack operation follows any symlinks, including symlinks contained in the archive. This allows remote attackers to write to arbitrary files via a crafted archive...

4.3CVSS7.2AI score0.01768EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder