Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tar project tar vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-38197
unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Directory Traversal via ../ in a pathname within a TAR archive.
Go-unarr Project Go-unarr 0.1.1
10
CVSSv2
CVE-2015-0857
Cool Projects TarDiff allows remote malicious users to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.
Tardiff Project Tardiff -
Debian Debian Linux 8.0
9.3
CVSSv2
CVE-2008-3074
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the f...
Vim Vim 7.2
Vim Tar.vim V.12
Vim Tar.vim V.13
Vim Tar.vim V.20
Vim Tar.vim V.21
Vim Vim 7.1
Vim Vim 7.0
Vim Tar.vim V.16
Vim Tar.vim V.17
Vim Vim 7.1.314
Vim Vim 7.1.266
Vim Tar.vim V.14
Vim Tar.vim V.15
Vim Tar.vim V.22
Vim Tar.vim V.10
Vim Tar.vim V.11
Vim Tar.vim V.18
Vim Tar.vim V.19
9.3
CVSSv2
CVE-2008-3075
The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the f...
Vim Vim 7.1.266
Vim Vim 7.1
Vim Vim 7.2
Vim Vim 7.1.314
Vim Zipplugin.vim V.19
Vim Zipplugin.vim V.18
Vim Vim 7.0
Vim Vim 7.2a.10
Vim Zipplugin.vim V.15
Vim Zipplugin.vim V.14
Vim Zipplugin.vim V.13
Vim Zipplugin.vim V.17
Vim Zipplugin.vim V.16
Vim Zipplugin.vim V.21
Vim Zipplugin.vim V.20
Vim Zipplugin.vim V.12
Vim Zipplugin.vim V.11
9.3
CVSSv2
CVE-2008-3076
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted malicious users to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test ...
Vim Vim 7.2a.10
1 EDB exploit
9.3
CVSSv2
CVE-2008-4101
Vim 3.0 up to and including 7.x prior to 7.2.010 does not properly escape characters, which allows user-assisted malicious users to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute...
Vim Vim 5.2
Vim Vim 5.3
Vim Vim 6.1
Vim Vim 6.2
Vim Vim 5.4
Vim Vim 5.5
Vim Vim 6.3
Vim Vim 6.4
Vim Vim 5.0
Vim Vim 5.1
Vim Vim 5.8
Vim Vim 6.0
Vim Vim
Vim Vim 3.0
Vim Vim 4.0
Vim Vim 5.6
Vim Vim 5.7
Vim Vim 7.0
Vim Vim 7.1
1 EDB exploit
9.3
CVSSv2
CVE-2008-2712
Vim 7.1.314, 6.4, and other versions allows user-assisted remote malicious users to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, ...
Vim Vim
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
1 EDB exploit
9.3
CVSSv2
CVE-2007-3641
archive_read_support_format_tar.c in libarchive prior to 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remote malicious users to cause a denial of service (crash) and possibly execute ar...
Freebsd Libarchive
9
CVSSv2
CVE-2019-14287
In Sudo prior to 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER=...
Sudo Project Sudo
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Netapp Element Software Management Node -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
60 Github repositories
1 Article
7.5
CVSSv2
CVE-2021-32840
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted in the parent directory of `destFolder`. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in ve...
Sharpziplib Project Sharpziplib
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »