Lucene search
+L

14 matches found

OSV
OSV
added 2026/05/20 10:11 a.m.31 views

CLSA-2026-1779271865 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal in zip.vim — block .. components via simplify in zipWrite and zipExtract upstream vim 9.2.0280 + CVE-2025-53906 prereq combined...

7.1CVSS6.4AI score0.00731EPSS
Exploits1References1
OSV
OSV
added 2026/05/20 10:1 a.m.10 views

CLSA-2026-1779271299 vim: Fix of 2 CVEs

CVE-2026-35177: fix path traversal in zip.vim — block .. components via simplify in zipWrite and zipExtract upstream vim 9.2.0280 + CVE-2025-53906 prereq combined...

7.1CVSS6.4AI score0.00731EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/06/17 2:29 a.m.4 views

SUSE CVE-2025-4748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2,...

4.4CVSS6.3AI score0.00226EPSS
Exploits0References6
OSV
OSV
added 2025/06/16 11:0 a.m.2 views

EEF-CVE-2025-4748 Absolute path traversal in zip:unzip/1,2

Summary Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1,...

4.8CVSS6.4AI score0.00226EPSS
Exploits0References7
CVE
CVE
added 2024/08/29 12:0 a.m.133 views

CVE-2024-45436

CVE-2024-45436 affects Ollama prior to 0.1.47, where extractFromZipFile in model.go can write ZIP entries outside the parent directory (Zip Slip/path traversal). The connected exploit document confirms a practical path traversal/vector in Ollama and notes exploitation could lead to arbitrary file...

9.1CVSS6.9AI score0.02581EPSS
Exploits2References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.4 views

SUSE CVE-2015-6833

Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. dot dot in a ZIP archive entry that is mishandled during an extractTo call...

7.5CVSS7.2AI score0.04837EPSS
Exploits0References8
Microsoft KB
Microsoft KB
added 2021/01/21 12:0 a.m.5 views

January 21, 2021-KB4598296 (OS Build 17763.1728) Preview

None None...

9CVSS6.8AI score0.13794EPSS
Exploits0
OSV
OSV
added 2018/09/04 12:29 a.m.3 views

DEBIAN-CVE-2018-16430

GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTORzipextractmethod in zipextractor.c...

8.8CVSS8.7AI score0.02646EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.5 views

php: Integer overflow leads to buffer overflow in virtual_file_ex

Integer overflow in the virtualfileex function in TSRM/tsrmvirtualcwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted extract operation on a Z...

7.8CVSS7.5AI score0.03792EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2011/01/05 12:0 a.m.70 views

Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)

Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...

6.8CVSS7.4AI score0.18878EPSS
Exploits18References18
myhack58
myhack58
added 2010/12/22 12:0 a.m.25 views

PHP Zip Extract method denial of service vulnerability-vulnerability warning-the black bar safety net

Affected system: PHP PHP 5.3.3 PHP PHP 5.3.2 PHP PHP 5.3.1 PHP PHP 5.3 PHP PHP 5.2 - 5.3.2 Not affected system: PHP PHP 5.3.4 PHP PHP 5.2.15 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 4 5 3 3 5 PHP is a widely-used General-purpose...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/12/13 12:0 a.m.46 views

PHP 5.2.x < 5.2.15 Multiple Vulnerabilities

Binary data 801097.prm...

6.8CVSS7.3AI score0.13333EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2010/12/10 12:0 a.m.26 views

PHP 5.3.x < 5.3.4 Multiple Vulnerabilities

Binary data 5732.prm...

6.8CVSS7.6AI score0.18878EPSS
Exploits20References19
Tenable Nessus
Tenable Nessus
added 2010/12/10 12:0 a.m.54 views

PHP 5.3 < 5.3.4 Multiple Vulnerabilities

Binary data 801074.prm...

6.8CVSS7.6AI score0.18878EPSS
Exploits20References19
Rows per page
Query Builder