46 matches found

RedHat Linux
added 3 days ago | 8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.68 packages and security update

Red Hat OpenShift Container Platform release 4.14.68 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

CVSS 10 | AI score 6.9 | EPSS 0.01945
Exploits 4 | References 7

Tenable Nessus
added 2026/06/27 12:0 a.m. | 7 views

EulerOS 2.0 SP15 : libarchive (EulerOS-SA-2026-2445)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of...

CVSS 7.5 | AI score 7.1 | EPSS 0.00882
Exploits 0 | References 3

CNNVD
added 2026/04/22 12:0 a.m. | 9 views

ddev Path Traversal Vulnerability

ddev is an open-source local PHP and Node.js development environment tool developed by DDEV. Versions of ddev prior to 1.25.2 contained a path traversal vulnerability. This vulnerability stemmed from the Untar and Unzip functions not verifying paths properly, which could lead to path traversal wh...

CVSS 9.1 | AI score 5.8 | EPSS 0.00418
Exploits 3 | References 1

RedHat Linux
added 2026/04/20 3:2 a.m. | 5 views

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVSS 7.5 | AI score 5.8 | EPSS 0.00882
Exploits 0 | References 5

RedHat Linux
added 2026/04/16 6:27 p.m. | 6 views

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVSS 7.5 | AI score 5.8 | EPSS 0.00882
Exploits 0 | References 5

RedHat Linux
added 2026/04/16 4:46 p.m. | 20 views

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVSS 7.5 | AI score 5.8 | EPSS 0.00882
Exploits 0 | References 5

Tenable Nessus
added 2026/04/16 12:0 a.m. | 5 views

RHEL 10 : libarchive (RHSA-2026:8492)

The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8492 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

CVSS 7.5 | AI score 5.8 | EPSS 0.00882
Exploits 0 | References 4

Tenable Nessus
added 2026/04/16 12:0 a.m. | 5 views

RHEL 8 : libarchive (RHSA-2026:8521)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8521 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660...

CVSS 9.8 | AI score 6.3 | EPSS 0.01073
Exploits 0 | References 6

Debian CVE
added 2026/04/09 2:44 p.m. | 3 views

CVE-2026-5439

A memory exhaustion vulnerability exists in ZIP archive processing. Orthanc automatically extracts ZIP archives uploaded to certain endpoints and trusts metadata fields describing the uncompressed size of archived files. An attacker can craft a small ZIP archive containing a forged size value,...

CVSS 7.5 | AI score 5.4 | EPSS 0.00426
Exploits 0

RedHat Linux
added 2026/04/08 2:29 p.m. | 7 views

libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

CVSS 7.5 | AI score 5.9 | EPSS 0.00693
Exploits 0 | References 5

Microsoft CVE
added 2026/03/25 8:2 a.m. | 9 views

Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing

...

CVSS 7.5 | AI score 5.7 | EPSS 0.00882
Exploits 0

OSV
added 2026/03/19 3:16 p.m. | 4 views

UBUNTU-CVE-2026-4424

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVSS 7.5 | AI score 5.8 | EPSS 0.00882
Exploits 0 | References 5

UbuntuCve
added 2026/03/19 3:16 p.m. | 7 views

CVE-2026-4424

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

CVSS 7.5 | AI score 5.9 | EPSS 0.00882
Exploits 0 | References 4

EUVD
added 2026/03/13 9:31 p.m. | 6 views

EUVD-2026-12031

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...

CVSS 7.5 | AI score 5.8 | EPSS 0.00693
Exploits 0 | References 4

OSV
added 2026/03/07 9:16 a.m. | 6 views

AZL-79509 CVE-2026-2219 affecting package dpkg 1.20.10-1

It was discovered that dpkg-deb, a component of dpkg, the Debian package management system, does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

CVSS 7.5 | AI score 5.7 | EPSS 0.00418
Exploits 0 | References 1

OSV
added 2026/03/06 2:43 p.m. | 3 views

OPENSUSE-SU-2026:20330-1 Security update for python-uv

This update for python-uv fixes the following issue: - CVE-2025-13327: parsing differentials when processing specially crafted ZIP archives during package installation can lead to arbitrary code execution bsc1258993...

CVSS 6.3 | AI score 6.3 | EPSS 0.0015
Exploits 0 | References 2

CNNVD
added 2026/02/03 12:0 a.m. | 7 views

Articentgroup Zip Rar Extractor Tool Security Vulnerability

The Articentgroup Zip Rar Extractor Tool is a decompression tool developed by the Articentgroup company in the United States. The version 1.345.93.0 of the Articentgroup Zip Rar Extractor Tool contains a security vulnerability, which stems from a directory traversal vulnerability present in the Z...

CVSS 4.3 | AI score 5.8 | EPSS 0.00373
Exploits 0 | References 1

Positive Technologies
added 2026/02/03 12:0 a.m. | 6 views

PT-2026-5940

Name of the Vulnerable Software and Affected Versions: Articentgroup Zip Rar Extractor Tool version 1.345.93.0. Description: The Articentgroup Zip Rar Extractor Tool is susceptible to a Directory Traversal issue. This flaw is located within the ZIP file processing component, specifically in the part...

CVSS 4.3 | AI score 5.4 | EPSS 0.00373
Exploits 0 | References 3

RedhatCVE
added 2026/01/30 5:16 p.m. | 6 views

CVE-2025-61728

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A ...

CVSS 7.5 | AI score 7.9 | EPSS 0.00643
Exploits 1 | References 7

Positive Technologies
added 2026/01/01 12:0 a.m. | 8 views

PT-2026-25310

Name of the Vulnerable Software and Affected Versions: libarchive, affected versions not specified. Description: A flaw exists in the RAR5 archive decompression logic within the archive read data processing path of the libarchive library. Processing a specially crafted RAR5 archive can cause the...

CVSS 7.8 | AI score 6.3 | EPSS 0.00693
Exploits 0 | References 86