Lucene search
K

654 matches found

CVE
CVE
added 2026/04/10 4:47 p.m.20 views

CVE-2026-40157

Summary: PraisionAI’s recipe unpack (cmd_unpack) before 4.5.128 is vulnerable to a path traversal in .praison tar archives. The code uses tar.extract() without validating archive member paths, so a bundle containing ../../ entries can write files outside the intended output directory. An attacker...

9.4CVSS5.9AI score0.00379EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31994

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.128 Description PraisonAI is a multi-agent teams system. The cmd unpack function in the recipe CLI extracts .praison tar archives using tar.extract without validating archive member paths. A malicious .praison...

9.4CVSS5.9AI score0.00379EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2026/04/07 11:25 p.m.5 views

SUSE CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

5.5CVSS5.9AI score0.00262EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/06 5:51 p.m.5 views

EUVD-2025-50828

OpenEXR Makes Use of Uninitialized Memory...

7.5CVSS7.1AI score0.00373EPSS
Exploits1References7
OSV
OSV
added 2026/04/06 5:51 p.m.2 views

GHSA-3H9H-QFVW-98HQ OpenEXR Makes Use of Uninitialized Memory

Summary While fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on uninitialized data inside genericunpack. This indicates a use of uninitialized memory CWE-457. The issue is reproducible with the current OSS-Fuzz harness and a single-file PoC. Details Environment: -...

7.5CVSS7.2AI score0.00373EPSS
Exploits1References8
OSV
OSV
added 2026/04/06 4:16 p.m.3 views

DEBIAN-CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

6.5CVSS5.4AI score0.00262EPSS
Exploits1References1
NVD
NVD
added 2026/04/06 4:16 p.m.10 views

CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

6.5CVSS0.00262EPSS
Exploits1References2
OSV
OSV
added 2026/04/06 4:16 p.m.4 views

UBUNTU-CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

6.5CVSS5.9AI score0.00262EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2026/04/06 4:16 p.m.5 views

CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

6.5CVSS5.9AI score0.00262EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2026/04/06 3:19 p.m.4 views

CVE-2026-34378

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

6.5CVSS5.4AI score0.00262EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-30657

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.8 Description A missing bounds check on the dataWindow attribute in EXR file headers can lead to a signed integer overflow in the generic unpack function. Setting dataWindow.min.x to a large negative value...

7.1CVSS5.9AI score0.00283EPSS
Exploits3References25
SUSE CVE
SUSE CVE
added 2026/04/02 8:39 a.m.10 views

SUSE CVE-2026-23403

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...

6.6CVSS5.8AI score0.00177EPSS
Exploits0References22
EUVD
EUVD
added 2026/04/01 9:31 a.m.4 views

EUVD-2026-17831

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...

5.8AI score0.00177EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/01 9:16 a.m.8 views

CVE-2026-23403

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2026/04/01 8:36 a.m.2 views

CVE-2026-23403

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix memory leak in verifyheader The function sets ns = NULL on every call, leaking the namespace string allocated in previous iterations when multiple profiles are unpacked. This also breaks namespace consistency checki...

5.8AI score0.00177EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.3 views

CVE-2026-33055

tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size headers in the...

8.1CVSS7.3AI score0.00688EPSS
Exploits2References1
OSV
OSV
added 2026/03/23 10:20 p.m.3 views

SUSE-SU-2026:0984-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer bsc1238917. - CVE-2025-40242: gfs2: Fix unlikely race in gdlmputlock...

7.8CVSS6AI score0.00197EPSS
Exploits0References25
OSV
OSV
added 2026/03/20 5:25 p.m.7 views

GHSA-J4XF-2G29-59PH tar-rs `unpack_in` can chmod arbitrary directories by following symlinks

Summary When unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball containing a symlink entry followed by a directory entry with the same name causes...

6.5CVSS6AI score0.00379EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/20 5:25 p.m.5 views

EUVD-2026-13616

tar-rs unpackin can chmod arbitrary directories by following symlinks...

5.1CVSS5.9AI score0.00379EPSS
Exploits1References3
NVD
NVD
added 2026/03/20 8:16 a.m.12 views

CVE-2026-33056

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball...

6.5CVSS0.00379EPSS
Exploits1References2
Rows per page
Query Builder