Lucene search
K

29 matches found

ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-24014

Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an attacker may use path traversal sequences in the JAR name t...

6AI score0.00148EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-41011

PackagePersister.validatetgz builds "tar -tf tgz 2&1" where tgz = File.joinreleasedir, 'packages', "name.tgz" and name = packagemeta'name' comes directly from release.MF inside the uploaded tarball. The string is passed to Bosh::Common::Exec.sh, which executes via %x — i.e., /bin/sh -c. No...

8.7CVSS5.5AI score0.00116EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/09 12:23 a.m.3 views

SUSE CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS7.4AI score0.0035EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/08 8:3 a.m.10 views

CVE-2026-22184

A flaw was found in zlib. A global buffer overflow vulnerability exists in the untgz utility, specifically within the TGZfname function. This flaw allows an attacker to provide an archive name longer than 1024 bytes, leading to an out-of-bounds write. This can result in memory corruption, denial ...

9.3CVSS7.7AI score0.0035EPSS
Exploits0References7
OSV
OSV
added 2026/01/07 9:16 p.m.6 views

DEBIAN-CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

7.8CVSS8.3AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.5 views

AZL-73967 CVE-2026-22184 affecting package deltarpm 3.6.2-7

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.6 views

AZL-73964 CVE-2026-22184 affecting package blosc 1.21.4-2

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6.2AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.7 views

AZL-73991 CVE-2026-22184 affecting package blosc 1.21.6-1

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.2 views

ALPINE-CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

7.8CVSS6AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.4 views

CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

7.8CVSS7.2AI score
Exploits0References5
OSV
OSV
added 2026/01/07 9:16 p.m.5 views

AZL-73994 CVE-2026-22184 affecting package deltarpm 3.6.5-2

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6AI score0.0035EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:16 p.m.7 views

AZL-74003 CVE-2026-22184 affecting package optipng 0.7.8-5

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6AI score0.0035EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/07 9:16 p.m.10 views

CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

7.8CVSS6.2AI score0.0035EPSS
Exploits0References5
OSV
OSV
added 2026/01/07 9:16 p.m.3 views

UBUNTU-CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS6AI score0.0035EPSS
Exploits0References6
CVE
CVE
added 2026/01/07 8:25 p.m.514 views

CVE-2026-22184

CVE-2026-22184 affects zlib up to 1.3.1.2, specifically the standalone untgz utility under contrib/untgz. The flaw is an out-of-bounds write caused by copying an attacker-supplied archive name into a fixed-size global buffer (1024 bytes in some reporting). The core zlib library is not affected. A...

8.6CVSS6.9AI score0.0035EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/01/07 8:25 p.m.13 views

CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS7.5AI score0.0035EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/01/07 8:25 p.m.8 views

CVE-2026-22184

zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...

8.6CVSS7.3AI score0.0035EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/03 12:0 a.m.4 views

PT-2026-2158

Name of the Vulnerable Software and Affected Versions zlib versions up to and including 1.3.1.2 Description zlib versions up to and including 1.3.1.2 contain a global buffer overflow in the untgz utility. The TGZfname function uses an unbounded strcpy call to copy an attacker-supplied archive nam...

10CVSS7.3AI score0.0035EPSS
Exploits0References35
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-2630

Malware in sbrugna...

7.5CVSS6.4AI score0.02657EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-12402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs...

7.5CVSS6.3AI score0.16157EPSS
Exploits0References2
Rows per page
Query Builder