Lucene search
K

64 matches found

ATTACKERKB
ATTACKERKB
added 5 days ago4 views

CVE-2025-15646

HTML::Gumbo versions before 0.19 for Perl disclose heap memory via type confusion. Support for the element was added to libgumbo 0.10.0 in 2015, but the walktree function in lib/HTML/Gumbo.xs was not updated to support it. The element was treated as a text-node, where strlen over-reads the heap...

9.8CVSS5.8AI score0.00663EPSS
Exploits0References4
CVE
CVE
added 5 days ago24 views

CVE-2025-15646

HTML::Gumbo for Perl before 0.19 is vulnerable to heap memory disclosure via type confusion when parsing documents containing a element. The issue arises because libgumbo’s walk_tree was not updated to support , causing the element to be treated as a text node and enabling strlen() over-read of ...

9.8CVSS5.8AI score0.00663EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : libarchive (EulerOS-SA-2026-2445)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 3:47 p.m.12 views

CVE-2026-48092

A flaw was found in 7-Zip, a file archiver. This vulnerability, affecting 32-bit builds, involves a heap memory disclosure caused by an integer overflow in the SquashFS ReadBlock function. An attacker can exploit this by providing a specially crafted archive, which, when processed, allows the...

8.1CVSS5.5AI score0.00324EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 3:16 p.m.13 views

CVE-2026-48092

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

8.1CVSS0.00324EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/05 1:51 p.m.12 views

EUVD-2026-34837

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

4.3CVSS5.7AI score0.00324EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/05 1:51 p.m.9 views

CVE-2026-48092 7-Zip SquashFS Fragment Offset Overflow (GHSL-2026-116)

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

4.3CVSS5.7AI score0.00324EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 1:51 p.m.7 views

CVE-2026-48092

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

4.3CVSS5.7AI score0.00324EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/05 1:51 p.m.46 views

CVE-2026-48092 7-Zip SquashFS Fragment Offset Overflow (GHSL-2026-116)

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

4.3CVSS0.00324EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/04 2:3 a.m.58 views

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

0.0031EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 2:3 a.m.8 views

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

5.9AI score0.0031EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 2:3 a.m.9 views

CVE-2026-8829

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

7.5CVSS5.9AI score0.0031EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/27 9:42 p.m.20 views

CVE-2026-45994

A flaw was found in the Linux kernel's ibmasm module. This vulnerability, an out-of-bounds read in the commandfilewrite function, allows an attacker to cause the system to read beyond the intended memory boundaries. By manipulating the allocation size and header fields, an attacker can trigger th...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.9 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tcchainfillnode function failing to initialize the tcminfo field, resulting in the disclosure of kernel...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/29 12:40 p.m.11 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.9 views

OVN 安全漏洞

OVN is an open-source data center virtualization platform based on virtual network technology. OVN has a security vulnerability that stems from the client ID length expansion when processing specially crafted DHCPv6 SOLICIT packets. This vulnerability could allow remote attackers to perform...

8.6CVSS5.8AI score0.00868EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.16 views

PT-2026-46964

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.34 through 26.00 Description A heap memory disclosure exists in 32-bit builds where a 32-bit integer overflow occurs in the SquashFS ReadBlock function. This allows an attacker-controlled node.Offset value to bypass fragment...

8.1CVSS6AI score0.00324EPSS
Exploits1References32
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.12 views

PT-2026-46970

Name of the Vulnerable Software and Affected Versions 7-Zip versions 9.21 through 26.00 Description An uninitialized memory disclosure exists in the UEFI capsule .scap parser. The OpenCapsule function allocates a heap buffer based on an attacker-declared CapsuleImageSize up to 1 GiB without...

7.8CVSS5.6AI score0.00277EPSS
Exploits1References33
RedHat Linux
RedHat Linux
added 2026/04/20 4:5 a.m.6 views

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

7.5CVSS5.8AI score0.00882EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/20 3:2 a.m.5 views

libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

7.5CVSS5.8AI score0.00882EPSS
Exploits0References5
Rows per page
Query Builder