32 matches found
GHSA-W8JQ-XCQF-F792 Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Summary PickleScan fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully...
GHSA-2FH4-GPCH-VQV4 Duplicate Advisory: Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8jq-xcqf-f792. This link is maintained to preserve external references. Original Description picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file...
Duplicate Advisory: Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8jq-xcqf-f792. This link is maintained to preserve external references. Original Description picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file...
CVE-2025-25783
An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file...
CVE-2022-1373
The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file...
The vulnerability of the zzip_mem_disk_new function in the ZZIPlib compression library, which allows a hacker to cause a service failure.
The vulnerability of the zzipmemdisknew function in the ZZIPlib compression library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability allows a malicious actor to cause service failures by using a specially created zip file...
CVE-2018-17828
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. dot dot in a zip file, because of the function unzzipcat in the bins/unzzipcat-mem.c file...
CVE-2015-8927
The tradencdecryptupdate function in archivereadsupportformatzip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap read and crash via a crafted zip file, related to reading the password...
Exploit for Integer Overflow or Wraparound in Python
CVE-2016-5636 PoC for CVE-2016-5636https://bugs.python.o...
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Exploit for unknown platform in category local exploits ================================================== WinRAR include pragma pack1 define DATOS "email protected" typedef struct DWORD Signature; WORD VersionNeeded; WORD GeneralPurposeFlag; WORD CompressionMethod; WORD ModFileTime; WORD...
WinRAR 3.4.1 - Corrupt .ZIP File
WinRAR 3.4.1 - Corrupt .ZIP File / WinRAR 3.40 Buffer Overflow POC Thanks to Miguel Tarasco Acuna. He has made a wonderful code for Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 which I edited and made this code by. Coded by Vafa Khoshaein - [email protected]...
WinRAR 3.4.1 - Corrupt '.ZIP' File
/ WinRAR 3.40 Buffer Overflow POC Thanks to Miguel Tarasco Acuna. He has made a wonderful code for Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 which I edited and made this code by. Coded by Vafa Khoshaein - [email protected] Vulnerability discovery date : December 10...