Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2017-14166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over- read and application crash via a crafted xar archive,...

6.5CVSS6.6AI score0.03341EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/28 10:20 a.m.36 views

Security Bulletin: IBM App Connect Enterprise Certified Container images may be vulnerable to denial of service due to libarchive [CVE-2017-14166]

Summary libarchive is present in the IBM App Connect Enterprise Certified Container images as part of the base operating system. IBM App Connect Enterprise Certified Container images may be vulnerable to denial of service. This bulletin provides patch information to address the reported...

6.5CVSS6.3AI score0.03341EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2017-0337)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.03341EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2018:3640-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.03367EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:3640-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.03367EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.48 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2020-1226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.05258EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2604)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.0489EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2019-2202)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.05258EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2018/12/28 12:0 a.m.37 views

Debian DSA-4360-1 : libarchive - security update

Multiple security issues were found in libarchive, a multi-format archive and compression library: Processing malformed RAR archives could result in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service. C Tenabl...

8.8CVSS6.4AI score0.04575EPSS
Exploits1References13
Debian
Debian
added 2018/12/27 4:40 p.m.85 views

[SECURITY] [DSA 4360-1] libarchive security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4360-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq -...

8.8CVSS8.4AI score0.04575EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/12/26 12:0 a.m.53 views

Debian: Security Advisory (DSA-4360-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.04575EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/12/10 12:0 a.m.30 views

SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2018:3640-2)

This update for libarchive fixes the following issues : CVE-2016-10209: The archivewstringappendfrommbs function in archivestring.c allowed remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive file. bsc1032089 CVE-2016-10349: The...

7.5CVSS6.3AI score0.03367EPSS
Exploits1References22
Debian
Debian
added 2018/11/29 10:32 p.m.106 views

[SECURITY] [DLA 1600-1] libarchive security update

Package : libarchive Version : 3.1.2-11+deb8u4 CVE ID : CVE-2015-8915 CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2017-5601 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 Debian Bug : 853278 875960 875974 875966 874539 840934 840935 8616...

7.5CVSS8.1AI score0.05258EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/11/10 12:0 a.m.31 views

openSUSE Security Update : libarchive (openSUSE-2018-1366)

This update for libarchive fixes the following issues : - CVE-2016-10209: The archivewstringappendfrommbs function in archivestring.c allowed remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive file. bsc1032089 - CVE-2016-10349: The...

7.5CVSS6.3AI score0.03367EPSS
Exploits1References14
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.88 views

Ubuntu: Security Advisory (USN-3736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.03341EPSS
Exploits1References2
Cloud Foundry
Cloud Foundry
added 2018/09/11 12:0 a.m.510 views

USN-3736-1: libarchive vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that libarchive incorrectly handled certain archive files. A remote attacker could possibly use this issue to cause a denial of service. This...

6.5CVSS7AI score0.03341EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/08/13 2:16 p.m.53 views

USN-3736-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10209, CVE-2016-10349, CVE-2016-10350 Agostino Sarubbo discovered tha...

6.5CVSS6.2AI score0.03341EPSS
Exploits1
OSV
OSV
added 2017/09/10 12:36 p.m.11 views

MGASA-2017-0337 Updated libarchive packages fix security vulnerability

Heap-based buffer overflow in xmldata in archivereadsupportformatxar.c CVE-2017-14166...

6.5CVSS7.2AI score0.03341EPSS
Exploits0References3
CVE
CVE
added 2017/09/06 6:0 p.m.156 views

CVE-2017-14166

CVE-2017-14166 affects libarchive and causes a denial of service via a heap-based buffer over-read in the atol8 handling inside archive_read_support_format_xar.c when processing crafted XAR files. This is evidenced across multiple advisories (IBM App Connect Enterprise/Bulletin, IBM MQ/Operator b...

6.5CVSS6.5AI score0.03341EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/09/06 6:0 p.m.18 views

CVE-2017-14166

libarchive 3.3.2 allows remote attackers to cause a denial of service xmldata heap-based buffer over-read and application crash via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archivereadsupportformatxar.c...

6.5CVSS6.7AI score0.03341EPSS
Exploits0
Rows per page
Query Builder