Lucene search

43 matches found

OSV
added 2025/12/15 8:15 p.m. | 1 views

CVE-2025-14503

An overly-permissive IAM trust policy in the Harmonix on AWS framework may allow IAM principals in the same AWS account to escalate privileges via role assumption. The sample code for the EKS environment provisioning role is configured to trust the account root principal, which may enable any IAM...

CVSS 8.6 | AI score 7.4
Exploits 0 | References 3

CVE
added 2025/12/15 7:45 p.m. | 6 views

CVE-2025-14503

CVE-2025-14503 affects Harmonix on AWS (Harmonix on AWS framework). The issue is an overly-permissive IAM trust policy in the EKS environment provisioning role that trusts the account root principal, potentially enabling any IAM principal within the same AWS account to call sts:AssumeRole and obt...

CVSS 8.6 | AI score 7.1 | EPSS 0.00063
Exploits 0 | References 3 | Affected Software 1

RedhatCVE
added 2025/05/22 5:44 p.m. | 4 views

CVE-2020-14503

Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary code...

CVSS 9.8 | AI score 9.6 | EPSS 0.00867
Exploits 0

Tenable Nessus
added 2025/03/04 12:00 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2017-14503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive,...

CVSS 6.5 | AI score 6.2 | EPSS 0.00662
Exploits 0 | References 2

Tenable Nessus
added 2023/09/07 12:00 a.m. | 26 views

Oracle Linux 7 : libarchive (ELSA-2019-2298)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2298 advisory. - fix out-of-bounds read within lha_read_data_none() CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 Tenable has extracted the precedin...

CVSS 8.8 | AI score 6.5 | EPSS 0.01801
Exploits 1 | References 6

Tenable Nessus
added 2023/09/07 12:00 a.m. | 31 views

Oracle Linux 8 : libarchive (ELSA-2019-3698)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3698 advisory. - fix out-of-bounds read within lha_read_data_none() CVE-2017-14503 - fix crash on crafted 7zip archives CVE-2019-1000019 Tenable has extracted the precedin...

CVSS 8.8 | AI score 6.5 | EPSS 0.01801
Exploits 1 | References 6

CNVD
added 2023/03/02 12:00 a.m. | 15 views

Dell PowerScale OneFS Licensing Issue Vulnerability (CNVD-2023-14503)

Dell PowerScale OneFS is an operating system from Dell USA Inc. Dell PowerScale OneFS version 9.4.0.x is vulnerable to an authorization issue that stems from the presence of incorrect default privileges, which could be exploited to overwrite arbitrary files and cause a denial of service...

CVSS 7.1 | AI score 5.4 | EPSS 0.00073
Exploits 0 | References 1

OpenVAS
added 2022/01/28 12:00 a.m. | 23 views

Mageia: Security Advisory (MGASA-2018-0361)

The remote host is missing an update for the ...

CVSS 6.5 | AI score 7.2 | EPSS 0.00662
Exploits 0 | References 4

OpenVAS
added 2021/06/09 12:00 a.m. | 27 views

SUSE: Security Advisory (SUSE-SU-2018:3571-1)

The remote host is missing an update for the ...

CVSS 7.5 | AI score 7.3 | EPSS 0.01191
Exploits 0 | References 2

OpenVAS
added 2021/04/19 12:00 a.m. | 32 views

SUSE: Security Advisory (SUSE-SU-2018:3640-1)

The remote host is missing an update for the ...

CVSS 7.5 | AI score 6.9 | EPSS 0.0229
Exploits 1 | References 10

OpenVAS
added 2021/04/19 12:00 a.m. | 24 views

SUSE: Security Advisory (SUSE-SU-2018:3640-2)

The remote host is missing an update for the ...

CVSS 7.5 | AI score 6.9 | EPSS 0.0229
Exploits 1 | References 10

Tenable Nessus
added 2021/01/29 12:00 a.m. | 33 views

CentOS 8 : libarchive (CESA-2019:3698)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3698 advisory. - libarchive: Out-of-bounds read in lha_read_data_none() CVE-2017-14503 - libarchive: Double free in RAR decoder resulting in a denial of service...

CVSS 8.8 | AI score 6.4 | EPSS 0.01801
Exploits 1 | References 6

OSV
added 2020/07/15 3:15 a.m. | 0 views

CVE-2020-14503

Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary code...

CVSS 9.8 | AI score 7.5 | EPSS 0.00867
Exploits 0 | References 2

CVE
added 2020/07/15 2:15 a.m. | 49 views

CVE-2020-14503

Advantech iView (versions 5.6 and earlier) contains an improper input validation vulnerability that could allow remote code execution. The primary public detail points to NetworkServlet input handling as a critical flaw exploited remotely with no authentication (per ZDI advisory ZDI-20-834 and CV...

CVSS 9.8 | AI score 9.6 | EPSS 0.00867
Exploits 0 | References 2 | Affected Software 1

OpenVAS
added 2020/03/13 12:00 a.m. | 46 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2020-1226)

The remote host is missing an update for the Huawei EulerOS ...

CVSS 7.5 | AI score 7.4 | EPSS 0.04588
Exploits 4 | References 2

CVE
added 2020/03/06 11:50 p.m. | 141 views

CVE-2019-14503

CVE-2019-14503 is rejected/not used per the initial description; it does not represent an active vulnerability entry.

AI score 7.5
Exploits 0

Cvelist
added 2020/03/06 11:50 p.m. | 10 views

CVE-2019-14503

...

Exploits 0

OpenVAS
added 2020/01/23 12:00 a.m. | 26 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2202)

The remote host is missing an update for the Huawei EulerOS ...

CVSS 7.5 | AI score 6.9 | EPSS 0.02978
Exploits 4 | References 2

OpenVAS
added 2020/01/23 12:00 a.m. | 27 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2604)

The remote host is missing an update for the Huawei EulerOS ...

CVSS 7.5 | AI score 7.2 | EPSS 0.04588
Exploits 3 | References 2

Tenable Nessus
added 2019/12/31 12:00 a.m. | 37 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : libarchive Multiple Vulnerabilities (NS-SA-2019-0248)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libarchive packages installed that are affected by multiple vulnerabilities: - libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-415: Double Free vulnerability ...

CVSS 8.8 | AI score 6.4 | EPSS 0.01801
Exploits 1 | References 6