Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

AlmaLinux 10 : libsolv (ALSA-2026:28236)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28236 advisory. libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums CVE-2026-9150 libsolv: Heap buffer overfl...

7.8CVSS6.1AI score0.00399EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

RHEL 10 : libsolv (RHSA-2026:28236)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28236 advisory. The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv:...

7.8CVSS6.1AI score0.00399EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2026/06/23 8:1 p.m.6 views

Moderate: Red Hat Security Advisory: libsolv security update

An update for libsolv is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6.2AI score0.00399EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/06/12 4:57 p.m.9 views

CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

4.3CVSS5.2AI score0.00187EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 4:57 p.m.30 views

CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

4.3CVSS0.00187EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 1:33 p.m.10 views

OESA-2026-2467 libsolv security update

A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative siz...

6.5CVSS6AI score0.00399EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:18 a.m.10 views

Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

...

6.5CVSS5.8AI score0.00399EPSS
Exploits0
OSV
OSV
added 2026/05/20 11:16 p.m.7 views

DEBIAN-CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6AI score0.00399EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 11:16 p.m.12 views

CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS0.00399EPSS
Exploits0References6
OSV
OSV
added 2026/05/20 11:16 p.m.3 views

UBUNTU-CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6AI score0.00399EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/20 11:7 p.m.39 views

CVE-2026-9150 Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS0.00399EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/20 11:7 p.m.7 views

CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6.1AI score0.00399EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/20 11:2 p.m.17 views

CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6.1AI score0.00399EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.11 views

libsolv 安全漏洞

Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability, which stems from a stack buffer overflow in the Debian metadata parser when processing specially crafted Debian repository metadata. This could lead to memory corruption...

6.5CVSS6AI score0.00399EPSS
Exploits0References2
OSV
OSV
added 2026/03/17 8:16 p.m.3 views

UBUNTU-CVE-2026-32837

miniaudio version 0.11.25 and earlier fixed in commits 1df46ae and 1df46ae contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination...

5.5CVSS5.8AI score0.00231EPSS
Exploits1References3
OSV
OSV
added 2026/03/16 8:27 p.m.6 views

GO-2026-4698 Gokapi vulnerable to DoS in E2E Metadata Parser in github.com/forceu/gokapi

Gokapi vulnerable to DoS in E2E Metadata Parser in github.com/forceu/gokapi. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2
CVE
CVE
added 2026/03/13 7:7 p.m.15 views

CVE-2026-30955

Gokapi (self-hosted file sharing server) is affected by CVE-2026-30955 due to an API endpoint that accepts unbounded request bodies, allowing an authenticated user to cause an out-of-memory (OOM) kill and complete service disruption for all users. The issue is fixed in version 2.2.4 . Impact: ava...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/13 7:7 p.m.5 views

CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/13 7:7 p.m.28 views

CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is...

6.5CVSS0.00248EPSS
Exploits0References2
OSV
OSV
added 2026/03/13 7:7 p.m.2 views

CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References4
Rows per page
Query Builder