Vulmon
tar vulnerabilities and exploits
NA
CVE-2024-5187
A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability enables malicious users to overwrite a...
4.3
CVSSv2
CVE-2012-1426
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote malicious users to bypass malware detection via a POSIX TAR file w...
Norman Norman Antivirus & Antispyware 6.06.12
Rising-global Rising Antivirus 22.83.00.03
F-prot F-prot Antivirus 4.6.2.117
Cat Quick Heal 11.00
K7computing Antivirus 9.77.3565
Authentium Command Antivirus 5.2.11.5
NA
CVE-2023-32317
Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was found in the MOSS cheat checker functionality of Autolab. To exploit this vulnerability an authenticated attacker with instructor permissions needs to upload a sp...
Autolabproject Autolab
4.3
CVSSv2
CVE-2012-1424
The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote malicious users to bypass malware detection via a POSIX TAR file ...
Norman Norman Antivirus & Antispyware 6.06.12
Sophos Sophos Anti-virus 4.61.0
Cat Quick Heal 11.00
Jiangmin Jiangmin Antivirus 13.0.900
Antiy Avl Sdk 2.0.3.7
Pc Tools Pc Tools Antivirus 7.0.3.5
NA
CVE-2023-35947
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written outside of the unpack location. This could lead to important files being overwrit...
Gradle Gradle
6.5
CVSSv2
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
4.3
CVSSv2
CVE-2012-1420
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Ant...
Norman Norman Antivirus & Antispyware 6.06.12
Rising-global Rising Antivirus 22.83.00.03
Eset Nod32 Antivirus 5795
F-prot F-prot Antivirus 4.6.2.117
Kaspersky Kaspersky Anti-virus 7.0.0.125
Cat Quick Heal 11.00
Fortinet Fortinet Antivirus 4.2.254.0
K7computing Antivirus 9.77.3565
Authentium Command Antivirus 5.2.11.5
Microsoft Security Essentials 2.0
Pandasecurity Panda Antivirus 10.0.2.7
4.3
CVSSv2
CVE-2012-1423
The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools An...
Norman Norman Antivirus & Antispyware 6.06.12
Rising-global Rising Antivirus 22.83.00.03
Eset Nod32 Antivirus 5795
F-prot F-prot Antivirus 4.6.2.117
Fortinet Fortinet Antivirus 4.2.254.0
K7computing Antivirus 9.77.3565
Authentium Command Antivirus 5.2.11.5
Ikarus Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0
Virusbuster Virusbuster 13.6.151.0
Emsisoft Anti-malware 5.1.0.1
Pc Tools Pc Tools Antivirus 7.0.3.5
5.8
CVSSv2
CVE-2013-4420
Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and previous versions allow remote malicious users to overwrite arbitrary files via a .. (dot dot) in a crafted tar file.
Feep Libtar 1.2.14
Feep Libtar 1.2.17
Feep Libtar 1.2.13
Feep Libtar
Feep Libtar 1.2.11
Feep Libtar 1.2.15
Feep Libtar 1.2.19
Feep Libtar 1.2.18
Feep Libtar 1.2.16
5
CVSSv2
CVE-2006-2520
Directory traversal vulnerability in BitZipper 4.1.2 SR-1 and previous versions allows remote malicious users to create files in arbitrary directories via a .. (dot dot) in the filename of a file that is stored in a (1) RAR (.rar), (2) TAR (.tar), (3) ZIP (.zip), (4) GZ (.gz), or...
Bitberry Software Bitzipper 3.3
Bitberry Software Bitzipper 4.1.1
Bitberry Software Bitzipper 3.2
Bitberry Software Bitzipper 4.1
Bitberry Software Bitzipper 3.4.1
Bitberry Software Bitzipper 3.4
Bitberry Software Bitzipper 4.1.2
Bitberry Software Bitzipper 4.0
Bitberry Software Bitzipper 3.2.1