16 matches found

OSV
added 2026/03/20 2:27 p.m. | 5 views

OESA-2026-1703 golang security update

The Go Programming Language. Security Fixes: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large...

CVSS 10 | AI score 7.7 | EPSS 0.00025
Exploits 2 | References 7

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2019-18436

Malware in sbrugna...

CVSS 7.2 | AI score 7 | EPSS 0.00943
Exploits 1 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2021-14642

Malware in sbrugna...

CVSS 5.5 | AI score 6.4 | EPSS 0.00139
Exploits 0 | References 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2006-0344

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.06413
Exploits 0 | References 12

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-9805

Malware in sbrugna...

CVSS 8.4 | AI score 6.4 | EPSS 0.36318
Exploits 0 | References 7

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2016-7219

Malware in sbrugna...

CVSS 7.8 | AI score 8.5 | EPSS 0.02322
Exploits 1 | References 19

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2021-20791

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.00669
Exploits 1 | References 2

CVE
added 2025/07/25 3:59 p.m. | 28 views

CVE-2014-125119

CVE-2014-125119 describes a filename spoofing vulnerability in WinRAR when opening specially crafted ZIP archives. The root cause is an inconsistency between the Central Directory and Local File Header entries, which causes WinRAR to display the Central Directory filename while extracting and exe...

CVSS 8.4 | AI score 6.9 | EPSS 0.36318
In wild | Exploits 0 | References 6

RedhatCVE
added 2025/05/23 2:20 a.m. | 9 views

CVE-2023-38831

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file such as an ordinary .JPG file and also a folder that has the same name as the benign file, and the...

CVSS 7.8 | AI score 8 | EPSS 0.93865
Exploits 49 | References 1

Packet Storm
added 2025/04/30 12:0 a.m. | 84 views

unzip-stream 0.3.1 Arbitrary File Write

unzip-stream version 0.3.1 suffers from an arbitrary file write vulnerability. Exploit Title: unzip-stream 0.3.1 - Arbitrary File Write Date: 18th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mhr3/unzip-stream Version: unzip-stream 0.3.1 Tested on: Ubunt...

CVSS 7.5 | AI score 9.5 | EPSS 0.05412
Exploits 4

RedhatCVE
added 2025/03/23 12:27 a.m. | 18 views

CVE-2025-30343

A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file o...

CVSS 6.5 | AI score 6.8 | EPSS 0.00542
Exploits 1 | References 1

OSV
added 2025/03/21 6:15 a.m. | 4 views

CVE-2025-30343

A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file o...

CVSS 6.5 | AI score 7
Exploits 0 | References 1

NVD
added 2025/03/21 6:15 a.m. | 8 views

CVE-2025-30343

A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to OpenSlides meetings and organized in folders. The interface allows users to download a ZIP archive that contains all files in a folder and its subfolders. If an attacker specifies the title of a file o...

CVSS 6.5 | EPSS 0.00542
Exploits 1 | References 1

CVE
added 2025/03/21 12:0 a.m. | 65 views

CVE-2025-30343

Summary: CVE-2025-30343 affects OpenSlides prior to version 4.2.5. Vulnerability: A directory traversal issue in the file upload and ZIP-download feature allows a crafted file/folder title (e.g., ../../../etc/passwd) to be treated as a path during ZIP generation, which may lead to overwriting fil...

CVSS 6.5 | AI score 3.9 | EPSS 0.00542
Exploits 1 | References 1 | Affected Software 1

CNNVD
added 2021/03/02 12:0 a.m. | 2 views

Joomla Path Traversal Vulnerability

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A path traversal vulnerability exists in Joomla! 3.0.0 - 3.9.24. An attacker can...

CVSS 5.5 | AI score 5.7 | EPSS 0.00008
Exploits 0 | References 3

securityvulns
added 2006/07/25 12:0 a.m. | 71 views

[Full-disclosure] [vuln.sg] DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities

vuln.sg Vulnerability Research Advisory DynaZip DZIP32.DLL/DZIPS32.DLL Buffer Overflow Vulnerabilities by Tan Chew Keong Release Date: 2006-07-25 Summary ------- Some vulnerabilities have been found in DynaZip DZIP32.DLL/DZIPS32.DLL. When exploited, the vulnerabilities allow execution of arbitrar...

AI score 2.6
Exploits 0