K000160994: SQLite vulnerability CVE-2025-70873

Security Advisory Description An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file. CVE-2025-70873 Impact There is no impact; F5 products are not affected by th...

SUSE CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

EUVD-2015-9103

Malware in sbrugna...

EUVD-2014-8618

Malware in sbrugna...

EUVD-2018-11709

Malware in sbrugna...

EUVD-2003-1366

Malware in sbrugna...

EUVD-2020-26240

Malware in sbrugna...

EUVD-2005-3498

Malware in sbrugna...

EUVD-2018-12667

Malware in sbrugna...

EUVD-2020-30296

Malware in sbrugna...

EUVD-2019-18943

Malware in sbrugna...

EUVD-2022-15655

Malicious code in bioql PyPI...

EUVD-2022-33379

Malicious code in bioql PyPI...

EUVD-2025-13409

Malicious code in bioql PyPI...

EUVD-2022-38746

Malicious code in bioql PyPI...

PT-2025-28396 · Sinec Nms · Sinec Nms

Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V4.0 Description: A security issue has been identified in the affected application, where it does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary...

CVE-2025-3445

A Path Traversal "Zip Slip" vulnerability has been identified in mholt/archiver in Go. This vulnerability allows using a crafted ZIP file containing path traversal symlinks to create or overwrite files with the user's privileges or application utilizing the library. When using the...

CVE-2025-30153

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

CVE-2025-25783

An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file...

CVE-2025-25784

An arbitrary file upload vulnerability in the component \c\TemplateController.php of Jizhicms v2.5.4 allows attackers to execute arbitrary code via uploading a crafted Zip file...