Lucene search
+L

425 matches found

nessus
nessus
added 3 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-58052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 7-Zip for Windows through 26.01 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an...

4.8CVSS6.1AI score0.00119EPSS
Exploits0References2
osv
osv
added last week1 views

SUSE-SU-2026:2833-1 Security update for clamav

This update for clamav fixes the following issues - CVE-2026-20213: PE file format parser could allow an unauthenticated, remote attacker to cause a denial of service bsc1270107. - CVE-2026-20214: FSG file format parser could allow an unauthenticated, remote attacker to cause a denial of service...

9.2CVSS7AI score0.00463EPSS
Exploits0References17
osv
osv
added last week2 views

MGASA-2026-0238 Updated 7zip packages fix a security vulnerability

7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation. CVE-2026-48095...

8.8CVSS6.2AI score0.00938EPSS
Exploits1References6
mageia
mageia
added last week4 views

Updated 7zip packages fix a security vulnerability

7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation. CVE-2026-48095...

8.8CVSS6.2AI score0.00938EPSS
Exploits1References5
thn
thn
added 2026/07/09 4:1 a.m.13 views

Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains. The activity dates back to at least August 2022, according to...

6.1AI score
Exploits0
osv
osv
added 2026/07/08 4:16 p.m.5 views

CVE-2026-14966

BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted...

3.1CVSS6.1AI score
Exploits0References1
nvd
nvd
added 2026/07/08 4:16 p.m.7 views

CVE-2026-14966

BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted...

3.1CVSS0.00291EPSS
Exploits0References1
cve
cve
added 2026/07/08 3:3 p.m.11 views

CVE-2026-14966

BBOT’s unarchive module is affected by a symlink guard bypass when handling certain archives. Specifically, zip and 7z archives with a DOS-attribute prefix in their listing (as produced by legacy p7zip) can bypass the extraction guard, allowing an attacker-controlled symlink to be written into th...

3.1CVSS5.9AI score0.00291EPSS
Exploits0References1
ubuntu
ubuntu
added 2026/07/08 2:7 p.m.6 views

USN-8517-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled certain PE files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2026-20213, CVE-2026-20214, CVE-2026-20217 It was discovered that ClamAV incorrectly handled certain 7z archive files...

7.5CVSS7.1AI score0.00463EPSS
Exploits0
fedora
fedora
added 2026/07/04 1:7 a.m.12 views

[SECURITY] Fedora 43 Update: 7zip-26.02-1.fc43

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

6AI score
Exploits0
redhatcve
redhatcve
added 2026/07/03 12:50 p.m.8 views

CVE-2026-20215

A flaw was found in ClamAV's 7z file format parser. An unauthenticated, remote attacker could exploit this vulnerability by submitting a specially crafted 7z file for scanning. This improper handling of 7z files can lead to memory corruption, allowing the attacker to cause a Denial of Service DoS...

7.5CVSS7AI score0.00389EPSS
Exploits0References4
susecve
susecve
added 2026/07/03 3:26 a.m.10 views

SUSE CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS7.3AI score0.00389EPSS
Exploits0References6
fedora
fedora
added 2026/07/03 12:56 a.m.13 views

[SECURITY] Fedora 44 Update: 7zip-26.02-1.fc44

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

5.8AI score
Exploits0
nessus
nessus
added 2026/07/03 12:0 a.m.13 views

7-Zip <= 26.02 Mark-of-the-Web Bypass (CVE-2026-58052)

The version of 7-Zip installed on the remote Windows host is 26.02 or earlier. It is, therefore, affected by a vulnerability: - 7-Zip for Windows fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier...

4.8CVSS6.1AI score0.00119EPSS
Exploits0References3
nessus
nessus
added 2026/07/03 12:0 a.m.9 views

Cisco Secure Endpoint Multiple ClamAV DoS (cisco-sa-clamav-88cFYyxR)

According to its self-reported version, Cisco Secure Endpoint is affected by multiple vulnerabilities. - A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory...

7.5CVSS7.3AI score0.00463EPSS
Exploits0References11
osv
osv
added 2026/07/02 12:0 a.m.4 views

UBUNTU-CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS7AI score0.00389EPSS
Exploits0References4
nessus
nessus
added 2026/07/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-20215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded...

7.5CVSS7AI score0.00389EPSS
Exploits0References3
osv
osv
added 2026/07/01 5:16 p.m.10 views

DEBIAN-CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS6AI score0.00389EPSS
Exploits0References1
nvd
nvd
added 2026/07/01 5:16 p.m.7 views

CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS0.00389EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/01 4:28 p.m.11 views

CVE-2026-20215

A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in 7z file...

7.5CVSS6AI score0.00389EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder