
16 matches found

RedHat Linux
added 2026/05/13 1:20 p.m., 21 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 10, AI score 7, EPSS 0.01945
Exploits 4, References 7
Positive Technologies
added 2026/02/26 12:0 a.m., 10 views

PT-2026-22207

Name of the Vulnerable Software and Affected Versions: Junrar versions prior to 7.5.8. Description: Junrar is an open source Java RAR archive library. A path traversal flaw exists in the LocalFolderExtractor component. When processing a specially crafted RAR archive on Linux/Unix systems, an attacke...

CVSS 5.9, AI score 6.7, EPSS 0.12038
Exploits 1, References 13
Tenable Nessus
added 2026/02/04 12:0 a.m., 5 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : The Internet Archive Python Library vulnerability (USN-7989-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7989-1 advisory. Pengo Wray discovered that The Internet Archive Python Library incorrectly handled certain file paths when downloading files. An...

CVSS 9.4, AI score 5.7, EPSS 0.01414
Exploits 0, References 2
OSV
added 2025/12/05 1:12 p.m., 4 views

OESA-2025-2784 libarchive security update

libarchive is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use libarchive. Security...

CVSS 5.5, AI score 6.7, EPSS 0.00139
Exploits 1, References 2
OSV
added 2025/11/25 10:3 p.m., 1 views

JLSEC-2025-241 execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-b...

execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst...

CVSS 7.8, AI score 7.9, EPSS 0.00551
Exploits 1, References 8
Debian CVE
added 2025/10/21 4:13 p.m., 6 views

CVE-2025-62518

astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives...

CVSS 8.1, AI score 5.7, EPSS 0.00688
Exploits 1
OSV
added 2025/08/20 12:0 a.m., 5 views

ALSA-2025:14135 Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

CVSS 7.8, AI score 6.7, EPSS 0.00326
Exploits 2, References 4
CNNVD
added 2025/02/24 12:0 a.m., 3 views

libarchive security vulnerability

libarchive is a multi-format archive and compression library open-sourced by libarchive. A security vulnerability exists in libarchive version 3.7.7 and earlier versions, which stems from a null pointer dereference issue contained in the bsdunzip.c file...

CVSS 5.5, AI score 4.5, EPSS 0.00318
Exploits 1, References 5
CNNVD
added 2023/08/30 12:0 a.m., 3 views

Archive security vulnerability

Archive is a Dart library for encoding and decoding various archive and compression formats such as Zip, Tar, GZip, ZLib and BZip2. A security vulnerability exists in Archive version v3.3.7, which originates from a vulnerability that allows an attacker to spoof zip filenames, resulting in...

CVSS 7.8, AI score 7.4, EPSS 0.00321
Exploits 1, References 5
OSV
added 2021/10/19 11:3 a.m., 1 views

OESA-2021-1398 libarchive security update

libarchive is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use...

CVSS 6.5, AI score 7, EPSS 0.02845
Exploits 0, References 2
Debian
added 2018/02/20 10:37 p.m., 26 views

[SECURITY] [DLA 1287-1] zziplib security update

Package : zziplib Version : 0.13.56-1.1+deb7u2 CVE ID : CVE-2018-6869 It was discovered that there was an uncontrolled memory allocation issue in zziplib, a ZIP archive library. Remote attackers could leverage this vulnerability to cause a denial of service via a specially-crafted file. For Debian...

CVSS 6.5, AI score 5.9, EPSS 0.02854
Exploits 1
The Hacker News
added 2017/12/06 12:54 a.m., 14 views

Critical Flaw in Major Android Tools Targets Developers and Reverse Engineers

Finally, here we have a vulnerability that targets Android developers and reverse engineers, instead of app users. Security researchers have discovered an easily-exploitable vulnerability in Android application developer tools, both downloadable and cloud-based, that could allow attackers to stea...

AI score 8.5
Exploits 0
RedHat Linux
added 2016/09/12 5:34 p.m., 84 views

libarchive: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive...

CVSS 7.5, AI score 5.8, EPSS 0.04707
Exploits 1, References 5
CNVD
added 2015/07/23 12:0 a.m., 3 views

Ghisler Total Commander FileInfo plugin Denial of Service Vulnerability

Ghisler Total Commander (formerly Windows Commander) is a suite of disk file management software from the Swiss company Ghisler that replaces Explorer. File Info is one of the file information plug-ins. A security vulnerability exists in the Ghisler Total Commander File Info plug-in. A remote attack...

CVSS 5, AI score 6.6, EPSS 0.03657
Exploits 0, References 1
CVE
added 2015/07/21 3:0 p.m., 59 views

CVE-2015-2869

Affected software: Total Commander FileInfo plugin (version 2.21 affected, fixed in 2.22 per TALOS report). Vulnerability type: Out‑of‑bounds read leading to denial of service and possible application termination. Root cause: Attacker-controlled fields in COFF Archive and LE structures (Archive M...

CVSS 5, AI score 6.9, EPSS 0.03657
Exploits 0, References 5, Affected Software 1
ATTACKERKB
added 2013/09/30 10:55 p.m., 4 views

CVE-2013-0211

Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between...

CVSS 5, AI score 6, EPSS 0.03926
Exploits 0, References 13