CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-2266

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00101EPSS

Exploits1References7

Veracode•added 2023/09/06 6:51 a.m.•25 views

Path Traversal

ZIPFoundation is vulnerable to Path Traversal. The vulnerability is due to the package not validating if symlinks are pointing to paths outside the extraction directory. This allows an attacker to extract files in any arbitrary location and can also lead to code execution...

7.8CVSS7.3AI score0.00101EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2023/08/31 12:30 a.m.•33 views

Path traversal in ZIPFoundation

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

7.8CVSS7.1AI score0.00101EPSS

Exploits1References7Affected Software1

OSV•added 2023/08/31 12:30 a.m.•12 views

GHSA-C2CC-3569-6JH2 Path traversal in ZIPFoundation

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

7.8CVSS7.5AI score0.00101EPSS

Exploits1References7

GitLab Advisory Database•added 2023/08/31 12:0 a.m.•11 views

Path traversal in ZIPFoundation

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

7.8CVSS6.8AI score0.00101EPSS

Exploits1References8Affected Software1

OSV•added 2023/08/30 10:15 p.m.•13 views

CVE-2023-39138

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

7.8CVSS7.2AI score

Exploits0References4

NVD•added 2023/08/30 10:15 p.m.•9 views

CVE-2023-39138

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

7.8CVSS7.6AI score0.00101EPSS

Exploits1References4

Prion•added 2023/08/30 10:15 p.m.•15 views

Path traversal

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

4.4CVSS7.6AI score0.00101EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2023/08/30 12:0 a.m.•1 views

PT-2023-26800 · Unknown · Zipfoundation

Name of the Vulnerable Software and Affected Versions: ZIPFoundation version 0.9.16 Description: An issue in ZIPFoundation allows attackers to execute a path traversal via extracting a crafted zip file. Recommendations: For ZIPFoundation version 0.9.16, update to a version that fixes this issue, ...

7.8CVSS7.5AI score0.00101EPSS

Exploits1References10

Vulnrichment•added 2023/08/30 12:0 a.m.•13 views

CVE-2023-39138

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

6.9AI score0.00101EPSS

Exploits1References4

CVE•added 2023/08/30 12:0 a.m.•61 views

CVE-2023-39138

ZIPFoundation v0.9.16 is vulnerable to a path traversal when extracting crafted ZIP archives, enabling writing outside the target directory. The issue is documented across multiple sources (GitHub GHSA- and OSV entries and CVE-2023-39138) and is triggered during extraction of crafted files, with ...

7.8CVSS7.5AI score0.00101EPSS

Exploits1References4Affected Software1

Cvelist•added 2023/08/30 12:0 a.m.•11 views

CVE-2023-39138

An issue in ZIPFoundation v0.9.16 allows attackers to execute a path traversal via extracting a crafted zip file...

7.8AI score0.00101EPSS

Exploits1References4

Veracode•added 2019/06/07 2:49 a.m.•15 views

Directory Traversal

ZIPFoundation is vulnerable to Directory Traversal. This is due to improper sanitisation of the destination URL when unzipping files. An attacker can thus craft a malicious .zip file to install and delete files in unwanted location...

6.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by