Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in unzip

A flaw was discovered in Unzip. The vulnerability occurs during the conversion of a wide string to a local string, resulting in an out-of-bound write operation on the heap. This flaw allows an attacker to submit a specially crafted zip file, causing a crash or code execution...

5.5CVSS6.7AI score0.02108EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/03 12:0 a.m.8 views

PT-2025-48790

Name of the Vulnerable Software and Affected Versions Modula Image Gallery plugin for WordPress versions 2.13.1 through 2.13.2 Description The Modula Image Gallery plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation. This issue is present in the...

7.5CVSS7.6AI score0.00695EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-15655

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.02421EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/09/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-0529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This fl...

5.5CVSS6AI score0.02421EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-4217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows ...

3.3CVSS6AI score0.0057EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.7 views

Azure Linux 3.0 Security Update: unzip (CVE-2022-0529)

The version of unzip installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0529 advisory. - A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string...

5.5CVSS6.1AI score0.02421EPSS
Exploits1References2
OSV
OSV
added 2024/11/15 12:20 p.m.4 views

OESA-2024-2422 sbt security update

sbt is the simple build tool for Scala and Java projects. Security Fixes: sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, IO.unzip allows writing of arbitrary file. This would have potential to overwrite /root/.ssh/authorizedkeys. Within sbt's main code...

7.1CVSS7AI score0.0034EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.3 views

SUSE CVE-2021-4217

A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...

4.7CVSS8.2AI score0.0057EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.1 views

SUSE CVE-2022-0529

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...

4.7CVSS7AI score0.02421EPSS
Exploits1References5
OSV
OSV
added 2022/08/24 4:15 p.m.3 views

DEBIAN-CVE-2021-4217

A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...

3.3CVSS5.4AI score0.0057EPSS
Exploits1References1
OSV
OSV
added 2022/08/24 4:15 p.m.3 views

UBUNTU-CVE-2021-4217

A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...

3.3CVSS6.3AI score0.0057EPSS
Exploits1References4
OSV
OSV
added 2022/02/09 11:15 p.m.2 views

DEBIAN-CVE-2022-0529

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution...

5.5CVSS5.9AI score0.02421EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2020/04/22 2:11 p.m.9 views

ansible: Extract-Zip function in win_unzip module does not check extracted path

A flaw was found in the Ansible Engine when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path...

7.8CVSS7.1AI score0.00362EPSS
Exploits0References4
PyPA
PyPA
added 2020/03/09 4:15 p.m.6 views

PYSEC-2020-9

A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...

7.8CVSS6.4AI score0.00362EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder