Lucene search
+L

353 matches found

OSV
OSV
added 2025/06/09 8:15 p.m.6 views

AZL-63753 CVE-2025-5918 affecting package cmake for versions less than 3.30.3-8

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memo...

6.6CVSS7AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 8:15 p.m.6 views

AZL-63818 CVE-2025-5917 affecting package cmake for versions less than 3.21.4-20

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to...

5CVSS6.4AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 8:15 p.m.8 views

AZL-63824 CVE-2025-5916 affecting package cmake for versions less than 3.21.4-20

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...

5.6CVSS6.3AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 8:15 p.m.8 views

AZL-63821 CVE-2025-5918 affecting package cmake for versions less than 3.21.4-20

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memo...

6.6CVSS5.7AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 8:15 p.m.5 views

AZL-63756 CVE-2025-5917 affecting package cmake for versions less than 3.30.3-8

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to...

5CVSS6.4AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2025/06/09 8:15 p.m.7 views

AZL-63759 CVE-2025-5916 affecting package cmake for versions less than 3.30.3-8

A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...

5.6CVSS6.3AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2025/05/28 7:15 a.m.8 views

AZL-62038 CVE-2025-5025 affecting package cmake for versions less than 3.30.3-6

libcurl supports pinning of the server certificate public key for HTTPS transfers. Due to an omission, this check is not performed when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. Documentation says the option works with wolfSSL, failing to specify that it does not for QUIC...

4.8CVSS6.6AI score0.00253EPSS
Exploits2References1
OSV
OSV
added 2025/05/28 7:15 a.m.4 views

AZL-62055 CVE-2025-4947 affecting package cmake for versions less than 3.30.3-7

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks...

6.5CVSS6.6AI score0.00248EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.7 views

cmake bug fix and enhancement update

An update is available for cmake. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.8 views

Azure Linux 3.0 Security Update: cmake / libarchive (CVE-2024-48615)

The version of cmake / libarchive installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-48615 advisory. - Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdt...

7.5CVSS7.3AI score0.00502EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2025/04/10 7:51 p.m.50 views

CVE-2024-48615 affecting package cmake for versions less than 3.30.3-6

CVE-2024-48615 affecting package cmake for versions less than 3.30.3-6. A patched version of the package is available...

7.5CVSS7.6AI score0.00502EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/04/09 12:0 a.m.14 views

CBL Mariner 2.0 Security Update: cmake / libarchive (CVE-2024-48615)

The version of cmake / libarchive installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-48615 advisory. - Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdt...

7.5CVSS7.3AI score0.00502EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2025/04/08 9:13 p.m.51 views

CVE-2024-48615 affecting package cmake for versions less than 3.21.4-17

CVE-2024-48615 affecting package cmake for versions less than 3.21.4-17. A patched version of the package is available...

7.5CVSS7.6AI score0.00502EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/04/02 3:8 p.m.37 views

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10

CVE-2023-44487 affecting package cmake for versions less than 3.21.4-10. A patched version of the package is available...

7.5CVSS8.2AI score0.99999EPSS
Exploits19
OSV
OSV
added 2025/03/28 3:15 p.m.7 views

AZL-59338 CVE-2024-48615 affecting package cmake for versions less than 3.21.4-17

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function headerpaxextension at rchivereadsupportformattar.c:1844:8...

7.5CVSS5.8AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2025/03/28 3:15 p.m.6 views

AZL-59385 CVE-2024-48615 affecting package cmake for versions less than 3.30.3-6

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function headerpaxextension at rchivereadsupportformattar.c:1844:8...

7.5CVSS7.1AI score0.00502EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.11 views

Azure Linux 3.0 Security Update: cmake / nghttp2 / nodejs / nodejs18 (CVE-2023-35945)

The version of cmake / nghttp2 / nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-35945 advisory. - Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's...

7.5CVSS8.1AI score0.01288EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/03/13 10:37 a.m.4 views

Security update for curl

This update for curl fixes the following issues: Update to 8.12.1: Bugfixes: asyn-thread: fix build with 'CURLDISABLESOCKETPAIR' asyn-thread: fix HTTPS RR crash asyn-thread: fix the returned bitmask from Curlresolvergetsock asyn-thread: survive a c-ares channel set to NULL cmake: always reference...

6.9CVSS7.8AI score0.0197EPSS
Exploits4References16
SUSE CVE
SUSE CVE
added 2025/03/05 2:31 a.m.3 views

SUSE CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

10CVSS7.4AI score0.00398EPSS
Exploits0References3
NVD
NVD
added 2025/03/03 9:15 a.m.6 views

CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

10CVSS0.00398EPSS
Exploits0References1
Rows per page
Query Builder