Lucene search
K

417 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-55781

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fsfsize fragment size, allowin...

2.4CVSS0.00112EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42957

NanaZip is the 7-Zip derivative intended for the modern Windows experience. Prior to 6.5.1749.0, NanaZip's UFS and FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp validates the superblock block size only against the MINBSIZE lower bound and does not validate the fsfsize fragment size, allowin...

2.4CVSS6.2AI score0.00112EPSS
Exploits0References3
CVE
CVE
added 3 days ago9 views

CVE-2026-55781

The CVE affects NanaZip (7-Zip derivative) prior to version 6.5.1749.0, specifically the UFS/FFS image handler in NanaZip.Codecs.Archive.Ufs.cpp. The root cause is that superblock considerations validate the block size only against MINBSIZE and do not validate the fs_fsize fragment size, allowing...

2.4CVSS6.2AI score0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 6:27 a.m.4 views

OESA-2026-2840 nilfs-utils security update

Userspace utilities for creating and mounting NILFS v2 filesystems. Security Fixes: NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images...

6.7CVSS5.9AI score0.00105EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-8720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When...

7.5CVSS6AI score0.00111EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:9 a.m.6 views

thunderbolt: Bound root directory content to block size

...

7.1CVSS5.8AI score0.00126EPSS
Exploits0
EUVD
EUVD
added 2026/06/26 12:32 a.m.6 views

EUVD-2026-39579

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

5.9CVSS5.9AI score0.00111EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 10:17 p.m.10 views

CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

7.5CVSS0.00111EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:17 p.m.4 views

DEBIAN-CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

7.5CVSS5.8AI score0.00111EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 10:17 p.m.5 views

UBUNTU-CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

7.5CVSS5.8AI score0.00111EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:18 p.m.6 views

CVE-2026-8720

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

5.9CVSS5.9AI score0.00111EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 9:18 p.m.20 views

CVE-2026-8720

CVE-2026-8720 affects wolfSSL’s HMAC-BLAKE2 APIs (wc_Blake2bHmacFinal, wc_Blake2sHmacFinal). When the supplied key length exceeds the BLAKE2 block size, the key-hashing branch reinitializes the running hash state and discards accumulated message data, causing the MAC to depend only on the key and...

7.5CVSS5.9AI score0.00111EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/25 9:18 p.m.24 views

CVE-2026-8720 HMAC-BLAKE2 final discards message when key length exceeds block size

wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When the supplied key is longer than the BLAKE2 block size the key-hashing branch reinitialized the running hash state, discarding the...

5.9CVSS0.00111EPSS
Exploits0References2
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

7.1CVSS0.00126EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39240

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

5.7AI score0.00126EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53149

CVE-2026-53149 affects the Linux kernel Thunderbolt code path, where __tb_property_parse_dir() may read beyond the root directory block due to missing bounds checks on content_offset/content_len. The issue could allow reading past a directory block, with high impact to confidentiality and availab...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

7.1CVSS5.6AI score0.00126EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52605

Name of the Vulnerable Software and Affected Versions wolfSSL version 5.9.0 Description The functions wc Blake2bHmacFinal and wc Blake2sHmacFinal discard the message when the key length exceeds the block size. This occurs because the key-hashing branch reinitializes the running hash state, which...

7.5CVSS5.9AI score0.00111EPSS
Exploits0References6
Rows per page
Query Builder