Lucene search
+L

32 matches found

osv
osv
added 2025/03/10 6:26 p.m.6 views

GHSA-W8JQ-XCQF-F792 Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Summary PickleScan fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully...

5.3CVSS7.3AI score0.00512EPSS
Exploits1References6
osv
osv
added 2025/03/10 12:30 p.m.18 views

GHSA-2FH4-GPCH-VQV4 Duplicate Advisory: Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8jq-xcqf-f792. This link is maintained to preserve external references. Original Description picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file...

5.3CVSS9.7AI score0.00512EPSS
Exploits1References4
github
github
added 2025/03/10 12:30 p.m.11 views

Duplicate Advisory: Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8jq-xcqf-f792. This link is maintained to preserve external references. Original Description picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file...

9.8CVSS7.8AI score0.00512EPSS
Exploits1References5Affected Software1
osv
osv
added 2025/02/26 12:0 a.m.7 views

CVE-2025-25783

An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file...

9.8CVSS8AI score0.0064EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/02/05 10:52 p.m.13 views

CVE-2022-1373

The “restore configuration” feature of Softing Secure Integration Server V1.22 is vulnerable to a directory traversal vulnerability when processing zip files. An attacker can craft a zip file to load an arbitrary dll and execute code. Using the "restore configuration" feature to upload a zip file...

7.2CVSS6.9AI score0.10229EPSS
Exploits3References1
bdu_fstec
bdu_fstec
added 2020/08/19 12:0 a.m.5 views

The vulnerability of the zzip_mem_disk_new function in the ZZIPlib compression library, which allows a hacker to cause a service failure.

The vulnerability of the zzipmemdisknew function in the ZZIPlib compression library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability allows a malicious actor to cause service failures by using a specially created zip file...

7.1CVSS6.1AI score0.01376EPSS
Exploits1References5Affected Software3
debiancve
debiancve
added 2018/10/01 8:0 a.m.27 views

CVE-2018-17828

Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. dot dot in a zip file, because of the function unzzipcat in the bins/unzzipcat-mem.c file...

5.8CVSS5.5AI score0.01538EPSS
Exploits1
osv
osv
added 2016/09/20 2:15 p.m.8 views

CVE-2015-8927

The tradencdecryptupdate function in archivereadsupportformatzip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap read and crash via a crafted zip file, related to reading the password...

5.5CVSS6.6AI score
Exploits0References10
githubexploit
githubexploit
added 2016/03/28 6:47 p.m.78 views

Exploit for Integer Overflow or Wraparound in Python

CVE-2016-5636 PoC for CVE-2016-5636https://bugs.python.o...

10CVSS8AI score0.26316EPSS
Exploits1
zdt
zdt
added 2004/12/16 12:0 a.m.18 views

WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC

Exploit for unknown platform in category local exploits ================================================== WinRAR include pragma pack1 define DATOS "email protected" typedef struct DWORD Signature; WORD VersionNeeded; WORD GeneralPurposeFlag; WORD CompressionMethod; WORD ModFileTime; WORD...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2004/12/16 12:0 a.m.12 views

WinRAR 3.4.1 - Corrupt .ZIP File

WinRAR 3.4.1 - Corrupt .ZIP File / WinRAR 3.40 Buffer Overflow POC Thanks to Miguel Tarasco Acuna. He has made a wonderful code for Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 which I edited and made this code by. Coded by Vafa Khoshaein - [email protected]...

0.8AI score
Exploits0
exploitdb
exploitdb
added 2004/12/16 12:0 a.m.111 views

WinRAR 3.4.1 - Corrupt &#039;.ZIP&#039; File

/ WinRAR 3.40 Buffer Overflow POC Thanks to Miguel Tarasco Acuna. He has made a wonderful code for Microsoft Windows Vulnerability in Compressed zipped Folders MS04-034 which I edited and made this code by. Coded by Vafa Khoshaein - [email protected] Vulnerability discovery date : December 10...

7.4AI score
Exploits0
Rows per page
Query Builder