Lucene search
+L

692 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-12482

A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in keras/src/utils/fileutils.py. Specifically, symlink entries are not subjected to the same ispathindir validation as regular file entries,...

3.1CVSS6.1AI score0.00301EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 3 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-12482

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in keras-team/keras version 3.12.0 allows an attacker to craft a malicious tar archive that bypasses the filtersafetarinfos validation in...

8.9CVSS6.1AI score0.00593EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 10:16 a.m.7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
OSV
OSV
added 2026/07/10 10:16 a.m.3 views

UBUNTU-CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/10 9:55 a.m.7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/10 9:55 a.m.9 views

EUVD-2026-42865

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References4
CVE
CVE
added 2026/07/10 9:55 a.m.18 views

CVE-2026-15028

In libarchive, CVE-2026-15028 describes a heap overflow triggered while parsing a tar archive’s PAX extended header with a malformed SUN.holesdata sparse-file attribute. The vulnerability is exploitable remotely to cause DoS or potentially arbitrary code execution on affected systems. The root ca...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/10 9:55 a.m.39 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/10 12:0 a.m.8 views

PT-2026-57143

Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw in the parsing of a PAX extended header allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue specifically occurs when processi...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/07/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-15028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 4:16 p.m.18 views

CVE-2026-59874

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to make no progress while repeatedly parsing the same header. This issue is fixed in version 7.5.18...

8.7CVSS0.00358EPSS
Exploits1References3
OSV
OSV
added 2026/07/08 4:16 p.m.3 views

UBUNTU-CVE-2026-59871

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, node-tar coerces all-digit PAX path and linkpath values in src/pax.ts to JavaScript numbers, causing downstream path handling such as normalizeWindowsPathentry.path.split'/' to throw an uncaught TypeError. This issue is...

7.5CVSS6.1AI score0.00358EPSS
Exploits1References3
OSV
OSV
added 2026/07/08 4:16 p.m.3 views

UBUNTU-CVE-2026-59875

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.17, node-tar does not strip NUL bytes from PAX path and linkpath records in src/pax.ts, allowing a crafted archive with values to reach fs.lstat or fs.open and terminate the process with an uncaught exception. This issue is...

5.3CVSS6AI score0.00291EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/08 10:10 a.m.7 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing process of a tar archive containing a PAX extended header with a malformed SUN.holesdata sparse-file attribute. An attacker can cause a heap overflow and out-of-bounds read by supplying a...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 5:16 p.m.9 views

CVE-2026-57516

Ray prior to 2.56.0 contains an unsafe deserialization vulnerability in the WebDataset reader that allows attackers to achieve remote code execution by supplying a malicious tar archive to the readwebdataset function. The defaultdecoder function in webdatasetdatasource.py unconditionally calls...

8.8CVSS0.00493EPSS
Exploits1References5
OSV
OSV
added 2026/07/01 4:36 p.m.8 views

CVE-2026-57516 Ray < 2.56.0 Unsafe Deserialization RCE via WebDataset Reader

Ray prior to 2.56.0 contains an unsafe deserialization vulnerability in the WebDataset reader that allows attackers to achieve remote code execution by supplying a malicious tar archive to the readwebdataset function. The defaultdecoder function in webdatasetdatasource.py unconditionally calls...

8.6CVSS6.8AI score0.00493EPSS
Exploits1References8
CVE
CVE
added 2026/07/01 4:36 p.m.26 views

CVE-2026-57516

Ray prior to 2.56.0 is affected via the WebDataset reader flaw in which _default_decoder() deserializes tar entries using pickle.loads for .pkl/.pickle and torch.load for .pt/.pth, enabling remote code execution inside Ray remote workers when processing a malicious tar archive. Affected component...

8.8CVSS6.6AI score0.00493EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/30 2:45 p.m.8 views

CVE-2026-4360 Tarfile.extract() doesn't fully respect filter parameter

In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract function...

2CVSS5.8AI score0.00235EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/25 3:26 p.m.7 views

CVE-2026-48945 Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26

The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...

5.8AI score0.00197EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in busybox

A flaw was discovered in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by creating a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead...

7CVSS7.1AI score0.0016EPSS
Exploits0References2
Rows per page
Query Builder