EUVD-2023-43983

Malicious code in bioql PyPI...

CVE-2024-22404 Permissions bypass in Nextcloud with the files zip app

Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download "view-only" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to...

CVE-2023-3314

CVE-2023-3314 affects Trellix Enterprise Security Manager (and related entries) where a failure to fully sanitize zip file processing allows an authorized user to control the .zip application, enabling arbitrary command execution or privilege escalation. Public sources cite vulnerable versions (e...

FreeBSD : zip -- long path buffer overflow (40549bbf-43b5-11d9-a9e7-0001020eed82)

A HexView security advisory reports : When zip performs recursive folder compression, it does not check for the length of resulting path. If the path is too long, a buffer overflow occurs leading to stack corruption and segmentation fault. It is possible to exploit this vulnerability by embedding...

[Full-Disclosure] [HV-MED] Zip/Linux long path buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zip/Linux long path buffer overflow Classification: =============== Level: low-MED-high-crit ID: HEXVIEW200411031 URL: http://www.hexview.com/docs/20041103-1.txt Overview: ========= Zip console application by Info-Zip http://www.info-zip.org is an...

zip -- long path buffer overflow

A HexView security advisory reports: When zip performs recursive folder compression, it does not check for the length of resulting path. If the path is too long, a buffer overflow occurs leading to stack corruption and segmentation fault. It is possible to exploit this vulnerability by embedding ...