CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 2CVE-2011-2725
https://notcve.org/view.php?id=CVE-2011-2725
04 Feb 2014 — Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file. Vulnerabilidad de salto de directorio en Ark 4.7.x y anteriores permite a atacantes remotos eliminar y forzar la visualización de archivos arbitrarios a través de secuencias .. (punto punto) en un archivo zip. • http://lists.opensuse.org/opensuse-updates/2012-03/msg00002.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4132
https://notcve.org/view.php?id=CVE-2013-4132
16 Sep 2013 — KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pw_encrypt functions, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an invalid salt or a (2) DES or (3) MD5 encrypted password, when FIPS-140 is enable, to KDM or an (4) invalid password to KCheckPass. KDE-Workspace 4.10.5 y anteriores no gestiona de forma adecuada el valor de retorno de glibc 2.17 crypt y funciones pw_encrypt, lo que permite a atac... • http://lists.opensuse.org/opensuse-updates/2013-07/msg00082.html • CWE-310: Cryptographic Issues •