CVE-2025-63372

Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents...

CVE-2025-63372

Articentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents...

CVE-2023-5245

FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...

CVE-2024-55587

The CVE-2024-55587 issue affects python-libarchive up to version 4.2.1, as reported by Red Hat/NVD and corroborating sources. The vulnerability exists in ZipFile.extractall and ZipFile.extract (in zip.py), enabling directory traversal to create files outside the intended directory. The Red Hat en...

VulnCheck KEV: CVE-2021-24284

The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fontsicon directory with no checks for malicious files such as PHP...