Search
Total
2662 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8607 | 3 Canonical, Debian, Perl | 3 Ubuntu Linux, Debian Linux, Pathtools | 2020-07-15 | 7.5 HIGH | 7.3 HIGH |
| The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. | |||||
| CVE-2016-1182 | 1 Apache | 1 Struts | 2020-07-15 | 6.4 MEDIUM | 8.2 HIGH |
| ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899. | |||||
| CVE-2018-20127 | 1 Zzzcms | 1 Zzzphp | 2020-07-14 | 6.4 MEDIUM | 7.5 HIGH |
| An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers to delete arbitrary files via a mixed-case extension and an extra '.' character, because (for example) "php" is blocked but path=F:/1.phP. succeeds. | |||||
| CVE-2020-8187 | 1 Citrix | 4 Application Delivery Controller, Application Delivery Controller Firmware, Netscaler Gateway and 1 more | 2020-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| Improper input validation in Citrix ADC and Citrix Gateway versions before 11.1-63.9 and 12.0-62.10 allows unauthenticated users to perform a denial of service attack. | |||||
| CVE-2020-2110 | 1 Jenkins | 1 Script Security | 2020-07-13 | 6.5 MEDIUM | 8.8 HIGH |
| Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations. | |||||
| CVE-2020-2109 | 1 Jenkins | 1 Pipeline\ | 2020-07-13 | 6.5 MEDIUM | 8.8 HIGH |
| Sandbox protection in Jenkins Pipeline: Groovy Plugin 2.78 and earlier can be circumvented through default parameter expressions in CPS-transformed methods. | |||||
| CVE-2020-5970 | 1 Nvidia | 1 Virtual Gpu Manager | 2020-07-10 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | |||||
| CVE-2018-19591 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2020-07-09 | 5.0 MEDIUM | 7.5 HIGH |
| In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function. | |||||
| CVE-2020-14957 | 1 Arswp | 1 Windows Cleanup Assistant | 2020-07-07 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCD. | |||||
| CVE-2020-14956 | 1 Arswp | 1 Windows Cleanup Assistant | 2020-07-07 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCA. | |||||
| CVE-2020-12033 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2020-07-06 | 5.8 MEDIUM | 8.8 HIGH |
| In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects with elevated privileges. | |||||
| CVE-2020-14939 | 1 Freedroid | 1 Freedroidrpg | 2020-07-01 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading. | |||||
| CVE-2018-21264 | 1 Mattermost | 1 Mattermost Server | 2020-06-30 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML response. | |||||
| CVE-2019-20848 | 1 Mattermost | 1 Mattermost Mobile | 2020-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Mobile Apps before 1.26.0. The Quick Reply feature mishandles crafted replies. | |||||
| CVE-2020-8102 | 1 Bitdefender | 1 Total Security 2020 | 2020-06-26 | 6.8 MEDIUM | 8.8 HIGH |
| Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116. | |||||
| CVE-2019-14047 | 1 Qualcomm | 30 Apq8053, Apq8053 Firmware, Apq8096au and 27 more | 2020-06-26 | 7.2 HIGH | 7.8 HIGH |
| While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130 | |||||
| CVE-2020-11999 | 1 Rockwellautomation | 2 Factorytalk Linx, Rslinx Classic | 2020-06-24 | 5.5 MEDIUM | 8.1 HIGH |
| FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.00 and prior,Connected Components Workbench: Version 12 and prior, ControlFLASH: Version 14 and later, ControlFLASH Plus: Version 1 and later, FactoryTalk Asset Centre: Version 9 and later, FactoryTalk Linx CommDTM: Version 1 and later, Studio 5000 Launcher: Version 31 and later Stud, 5000 Logix Designer software: Version 32 and prior is vulnerable. An exposed API call allows users to provide files to be processed without sanitation. This may allow an attacker to specify a filename to execute unauthorized code and modify files or data. | |||||
| CVE-2019-20868 | 1 Mattermost | 1 Mattermost Server | 2020-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.11.0. Invite IDs were improperly generated. | |||||
| CVE-2018-21262 | 1 Mattermost | 1 Mattermost Server | 2020-06-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text. | |||||
| CVE-2020-14459 | 1 Mattermost | 1 Mattermost Server | 2020-06-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 5.19.0. Attackers can rename a channel and cause a collision with a direct message, aka MMSA-2020-0002. | |||||
| CVE-2015-7703 | 5 Debian, Netapp, Ntp and 2 more | 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more | 2020-06-18 | 4.3 MEDIUM | 7.5 HIGH |
| The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command. | |||||
| CVE-2016-7434 | 2 Hpe, Ntp | 2 Hpux-ntp, Ntp | 2020-06-18 | 4.3 MEDIUM | 7.5 HIGH |
| The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query. | |||||
| CVE-2015-7692 | 5 Debian, Netapp, Ntp and 2 more | 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more | 2020-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | |||||
| CVE-2015-7691 | 5 Debian, Netapp, Ntp and 2 more | 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more | 2020-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | |||||
| CVE-2020-13170 | 1 Hashicorp | 1 Consul | 2020-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp Consul and Consul Enterprise did not appropriately enforce scope for local tokens issued by a primary data center, where replication to a secondary data center was not enabled. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4. | |||||
| CVE-2016-4456 | 1 Gnu | 1 Gnutls | 2020-06-16 | 5.0 MEDIUM | 7.5 HIGH |
| The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem. | |||||
| CVE-2017-6059 | 1 Zmartzone | 1 Mod Auth Openidc | 2020-06-16 | 5.0 MEDIUM | 7.5 HIGH |
| Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request. | |||||
| CVE-2020-13646 | 1 Ijinshan | 1 Cheetah Free Wifi | 2020-06-15 | 6.1 MEDIUM | 7.8 HIGH |
| In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020f8, 0x830020E0, 0x830020E4, or 0x8300210c. | |||||
| CVE-2019-12439 | 1 Projectatomic | 1 Bubblewrap | 2020-06-15 | 4.6 MEDIUM | 7.8 HIGH |
| bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR), a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code. | |||||
| CVE-2020-1286 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-06-15 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user, aka 'Windows Shell Remote Code Execution Vulnerability'. | |||||
| CVE-2020-9788 | 1 Apple | 1 Mac Os X | 2020-06-11 | 9.3 HIGH | 7.8 HIGH |
| A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.5. A file may be incorrectly rendered to execute JavaScript. | |||||
| CVE-2020-9826 | 1 Apple | 3 Ipad Os, Iphone Os, Mac Os X | 2020-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause a denial of service. | |||||
| CVE-2020-9855 | 1 Apple | 1 Mac Os X | 2020-06-11 | 4.6 MEDIUM | 7.8 HIGH |
| A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.5. A local attacker may be able to elevate their privileges. | |||||
| CVE-2018-1000656 | 2 Netapp, Palletsprojects | 4 Active Iq, Hyper Converged Infrastructure, Ontap Select Deploy Utility and 1 more | 2020-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3. NOTE: this may overlap CVE-2019-1010083. | |||||
| CVE-2020-8475 | 1 Abb | 3 800xa System, Compact Hmi, Control Builder Safe | 2020-06-09 | 2.1 LOW | 7.5 HIGH |
| For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, a weakness in validation of input exists that allows an attacker to block license handling by sending specially crafted messages to the CLS web service. | |||||
| CVE-2020-8476 | 1 Abb | 3 800xa System, Compact Hmi, Control Builder Safe | 2020-06-09 | 5.0 MEDIUM | 7.5 HIGH |
| For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, a weakness in validation of input exists that allows an attacker to alter licenses assigned to the system nodes by sending specially crafted messages to the CLS web service. | |||||
| CVE-2020-10028 | 1 Zephyrproject | 1 Zephyr | 2020-06-05 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. | |||||
| CVE-2020-10058 | 1 Zephyrproject | 1 Zephyr | 2020-06-05 | 4.6 MEDIUM | 7.8 HIGH |
| Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. | |||||
| CVE-2020-12062 | 1 Openbsd | 1 Openssh | 2020-06-04 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that "this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol" and "utimes does not fail under normal circumstances." | |||||
| CVE-2020-3623 | 1 Qualcomm | 4 Sm8250, Sm8250 Firmware, Sxr2130 and 1 more | 2020-06-03 | 7.2 HIGH | 7.8 HIGH |
| kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130 | |||||
| CVE-2016-6384 | 1 Cisco | 2 Ios, Ios Xe | 2020-06-02 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257. | |||||
| CVE-2018-19654 | 1 Sales \& Company Management System Project | 1 Sales \& Company Management System | 2020-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a duplicate username, as demonstrated by use of the test%c2 string when a test account already exists. | |||||
| CVE-2018-20225 | 1 Pypa | 1 Pip | 2020-06-01 | 6.8 MEDIUM | 7.8 HIGH |
| ** DISPUTED ** An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). NOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely. | |||||
| CVE-2020-13634 | 1 Youhua | 1 Windows Master | 2020-05-29 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558 | |||||
| CVE-2020-10738 | 1 Moodle | 1 Moodle | 2020-05-22 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution. | |||||
| CVE-2020-4411 | 2 Ibm, Linux | 3 Aix, Spectrum Scale, Linux Kernel | 2020-05-19 | 4.9 MEDIUM | 7.1 HIGH |
| The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986. | |||||
| CVE-2020-8100 | 1 Bitdefender | 1 Engines | 2020-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions prior to 7.84063. | |||||
| CVE-2020-2011 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 7.8 HIGH | 7.5 HIGH |
| An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode. This issue affects: All versions of PAN-OS 7.1, PAN-OS 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.0. | |||||
| CVE-2020-6651 | 1 Eaton | 1 Intelligent Power Manager | 2020-05-12 | 6.0 MEDIUM | 7.3 HIGH |
| Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application. | |||||
| CVE-2016-3646 | 1 Symantec | 18 Advanced Threat Protection, Csapi, Data Center Security Server and 15 more | 2020-05-11 | 10.0 HIGH | 8.4 HIGH |
| The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression. | |||||