Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-57215

Name of the Vulnerable Software and Affected Versions adm-zip versions prior to 0.5.18 Description A denial-of-service issue exists when parsing crafted ZIP files with a manipulated uncompressed size header field. The library allocates memory based on the declared uncompressed size from the ZIP...

7.5CVSS6.1AI score0.00432EPSS
Exploits0References5
CVE
CVE
added 2026/02/18 5:45 p.m.141 views

CVE-2025-14009

The CVE describes a critical remote code execution flaw in the nltk/nltk project, via the downloader component. The vulnerable code path is in _unzip_iter within nltk/downloader.py, which calls zipfile.extractall() without path validation or security checks, allowing a malicious zip package to ex...

10CVSS6.6AI score0.0079EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28867

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00415EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/03/02 12:0 a.m.4 views

PT-2025-11214

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.1.1198 Description: The issue concerns potential data loss when using Vim with the zip.vim plugin and specially crafted zip files. The impact is considered medium as it requires a user to view the malicious archive wit...

7.1CVSS6.5AI score0.20775EPSS
Exploits0References50
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.22 views

PT-2024-36562

Name of the Vulnerable Software and Affected Versions python-libarchive versions 4.2.1 and earlier Description The issue allows directory traversal, enabling the creation of files in extract in zip.py for ZipFile.extractall and ZipFile.extract functions. This can be exploited to create files...

8.8CVSS5.9AI score0.02041EPSS
Exploits1References13
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.2 views

SUSE CVE-2022-23951

In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...

5.5CVSS7AI score0.00415EPSS
Exploits1References3
Prion
Prion
added 2022/09/21 7:15 p.m.13 views

Design/Logic Flaw

In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...

1.9CVSS6.5AI score0.00415EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/09/21 6:25 p.m.14 views

CVE-2022-23951

In Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs...

5.5CVSS6.8AI score0.00415EPSS
Exploits1References5
Rows per page
Query Builder