ROS-20251112-10

Vulnerability in the Open Babel expert system for analyzing chemical data is related to a manipulation in the function ChemKinFormat::ReadReactionQualifierLines of the /src/formats/chemkinformat.cpp file. Exploitation of the vulnerability could allow an attacker to cause a denial of service A...

CVE-2025-10995

A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlibstream::basicunzipstreambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit...

CVE-2025-10995 Open Babel zipstreamimpl.h underflow memory corruption

A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlibstream::basicunzipstreambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit...

CVE-2020-35460

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

SUSE CVE-2016-6297

Integer overflow in the phpstreamzipopener function in ext/zip/zipstream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted zip:// URL...

MPXJ path Traversal vulnerability

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

GHSA-P9J6-4PJR-GP48 MPXJ path Traversal vulnerability

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

CVE-2020-35460

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

CVE-2020-35460

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

Directory traversal

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

CVE-2020-35460

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

CVE-2020-35460

CVE-2020-35460 : In MPXJ (Packwood), the InputStreamHelper.java component allows directory traversal in the zip stream handler flow, enabling writing files to arbitrary locations. This is due to insufficient validation of pathnames in the traversal path. Affected file/component: common/InputStrea...

CVE-2020-35460

common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations...

PT-2020-5496 · Packwood · Mpxj

Name of the Vulnerable Software and Affected Versions: Packwood MPXJ versions prior to 8.3.5 Description: The issue exists due to incorrect restriction of the directory path name in the common/InputStreamHelper.java library of MPXJ, allowing a remote attacker to write files to arbitrary locations...

Packwood MPXJ Path Traversal Vulnerability

Packwood MPXJ is a tool from Packwood that supports multiple programming languages for processing project information.MPXJ supports a variety of data formats: Microsoft Project Exchange MPX, Microsoft Project MPP, MPT, Microsoft Project Data Exchange MSPDI XML, Microsoft Project Database MPD,...

PHP php_stream_zip_opener function integer overflow vulnerability

PHP is a widely used general-purpose scripting language that is particularly well suited for web development and can be embedded in HTML. An integer overflow vulnerability exists in the ext/zip/zipstream.c/phpstreamzipopener function in versions of PHP prior to 5.5.38, 5.6.x prior to 5.6.24, and...

CVE-2016-6297

Integer overflow in the phpstreamzipopener function in ext/zip/zipstream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted zip:// URL...

UBUNTU-CVE-2016-6297

Integer overflow in the phpstreamzipopener function in ext/zip/zipstream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact via a crafted zip:// URL...

php: DoS (excessive CPU consumption) by processing certain Zip archive files

Integer signedness error in zipstream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service CPU consumption via a malformed archive file that triggers errors in zipfread function calls...

Fedora 13 : maniadrive-1.2-23.fc13 / php-5.3.4-1.fc13.1 / php-eaccelerator-0.9.6.1-3.fc13 (2010-19011)

Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...