Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.26 views

EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2026-2294)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing...

7.5CVSS7.2AI score0.00693EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/08 10:39 p.m.10 views

CVE-2026-8012

An inappropriate implementation flaw was found in the MHTML component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496628298...

8.7CVSS5.7AI score0.00139EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.9 views

PT-2026-26727

OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malicious tar.bz2 skill archives to bypass special-entry blocking and extracted-size guardrails, causing...

6.7CVSS5.8AI score0.00132EPSS
Exploits0References4
OSV
OSV
added 2026/01/21 10:58 p.m.3 views

GHSA-R92C-9C7F-3PJ8 OpenTofu has High CPU usage in "tofu init" with maliciously-crafted module packages in .zip format

Impact Unauthenticated denial of service. Summary When installing module packages from attacker-controlled sources, tofu init may cause high CPU usage when encountering maliciously-crafted .zip archives for either provider or module distribution packages. Those who depend on modules or providers...

3.1CVSS6.6AI score
Exploits0References6
OpenVAS
OpenVAS
added 2026/01/14 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2026-1042)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS6.7AI score0.00252EPSS
Exploits0References2
OSV
OSV
added 2025/12/18 2:44 p.m.3 views

SUSE-SU-2025:4487-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2025-6075: quadratic complexity in os.path.expandvars can lead to performance degradation when values passed to it are user-controlled bsc1252974. - CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory EOCD record...

5.5CVSS7.1AI score0.00353EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2025/10/22 7:5 a.m.5 views

TARmageddon Flaw in Async-Tar Rust Library Could Enable Remote Code Execution

Cybersecurity researchers have disclosed details of a high-severity flaw impacting the popular async-tar Rust library and its forks, including tokio-tar, that could result in remote code execution under certain conditions. The vulnerability, tracked as CVE-2025-62518 CVSS score: 8.1, has been...

8.1CVSS9AI score0.00688EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-10115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a...

7.8CVSS7.3AI score0.04666EPSS
Exploits1References2
Amazon
Amazon
added 2025/04/29 12:0 a.m.22 views

Medium: python26

Issue Overview: A CRLF injection flaw was discovered in python in the way URLs are handled when doing an HTTP/HTTPS connection e.g. through urlopen or HTTPConnection. An attacker who can control the url parameter passed to urlopen method in the urllib/urllib2 modules can inject CRLF sequences and...

7.5CVSS8AI score0.06253EPSS
Exploits0
OSV
OSV
added 2021/04/20 4:44 p.m.27 views

GHSA-3C67-GC48-983W Path Traversal in Ansible

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

5.2CVSS5.9AI score0.00358EPSS
Exploits0References7
OSV
OSV
added 2017/01/24 12:0 a.m.4 views

UBUNTU-CVE-2016-10160

Off-by-one error in the pharparsepharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch...

9.8CVSS7.2AI score0.07322EPSS
Exploits0References6
Rows per page
Query Builder