61 matches found
SUSE SLES15 Security Update : libarchive (SUSE-SU-2026:2599-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2599-1 advisory. This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches...
SUSE SLED15 / SLES15 Security Update : libarchive (SUSE-SU-2026:2490-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2490-1 advisory. This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length...
Security update for libarchive (important)
openSUSE security update: security update for libarchive ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20797-1 Rating: important References: bsc1259635 bsc1259928 bsc1259931 bsc1261186 Cross-References: CVE-2026-4111 CVE-2026-4424 CVE-2026-4426...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libarchive vulnerabilities (USN-8292-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8292-1 advisory. It was discovered that libarchive incorrectly handled certain RAR archive...
CVE-2026-4426 vulnerabilities
Vulnerabilities for packages: libarchive...
CVE-2026-4426 vulnerabilities
Vulnerabilities for packages: libarchive...
CVE-2026-4426
creationtimestamp| type| source ---|---|--- 2026-03-19 17:48:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhgkqupyvg2e...
CVE-2026-4426
A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...
MINI-4426-RX7G-9994
Bulletin has no description...
EUVD-2026-4426
The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
DLA-4426-2 osslsigncode - regression update
Bulletin has no description...
MiracleLinux 7 : kernel-3.10.0-1062.7.1.el7 (AXSA:2019-4426:07)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4426:07 advisory. Kernel: KVM: OOB memory access via mmio ring buffer CVE-2019-14821 kernel: local attacker can trigger multiple use-after-free conditions results in...
Debian: Security Advisory (DLA-4426-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-4426-1 osslsigncode - security update
Bulletin has no description...
CVE-2025-4426
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...
CVE-2025-4426
creationtimestamp| type| source ---|---|--- 2025-07-30 01:45:15+00:00| seen| Telegram/eOpByfw4z6jTCmqEvu6wx75HxRJgQCfdh52gZEeFNw6OhI...
CVE-2025-4426
The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/productsecurity/home...
CVE-2025-4426
CVE-2025-4426 appears to be Lenovo-specific, involving a vulnerability in custom firmware where the SMM module’s SMRAM memory contents can be leaked, causing information disclosure. Public records in connected documents point to InsydeH2O-related SMRAM leakage in the SMM, with Lenovo as the vendo...
CVE-2024-4426 Comparison Slider <= 1.0.5 - Cross-Site Request Forgery
The Comparison Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing or incorrect nonce validation on several functions hooked to AJAX actions. This makes it possible for unauthenticated attackers to change slid...
WordPress Comparison Slider Plugin <= 1.0.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software Comparison Slider Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4426 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f4b5d98aca44 Credits Benedictus Jovan...