Lucene search
K

138 matches found

Ubuntu
Ubuntu
added 2026/03/18 6:59 p.m.10 views

USN-8109-1: Debian Goodies vulnerability

Jakub Wilk discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands...

7.8CVSS7.1AI score0.00446EPSS
Exploits0
OSV
OSV
added 2026/03/13 2:13 p.m.21 views

CLSA-2026-1773411204 Update of alt-php

Move gpg key and repo installation from debian/install to postinst Add support for multiple deb platforms...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/09 1:20 p.m.7 views

CVE-2026-2219

A flaw was found in dpkg-deb, a component of the Debian package management system. This vulnerability allows a local user to trigger a Denial of Service DoS by providing a specially crafted zstd-compressed .deb archive. The flaw occurs because dpkg-deb does not properly validate the end of the da...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/07 9:30 a.m.8 views

EUVD-2026-10138

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

5.8AI score0.00418EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/07 8:10 a.m.5 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

5.8AI score0.00418EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/07 8:10 a.m.39 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

0.00418EPSS
Exploits0References2
OSV
OSV
added 2026/03/07 8:10 a.m.7 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/03/07 8:10 a.m.8 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/03/07 8:10 a.m.6 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.2AI score0.00418EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.9 views

dpkg-deb 安全漏洞

dpkg-deb is a package manager in Linux developed by the Debian community. dpkg-deb has a security vulnerability that stems from improper validation of the end of the data stream when decompressing.deb archives compressed with zstd, which could lead to a denial-of-service attack...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 9:47 a.m.4 views

SUSE-SU-2026:0631-1 Security update 5.1.2 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Backported security patches for Salt vendored tornado: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header...

7.5CVSS5.5AI score0.00403EPSS
Exploits0References10
SUSE Linux
SUSE Linux
added 2026/02/25 9:45 a.m.5 views

Security update 5.1.2 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fix DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fix HTTP header parameter parsing...

8.7CVSS5.5AI score0.00403EPSS
Exploits0References20
OSV
OSV
added 2026/02/25 9:45 a.m.7 views

SUSE-SU-2026:0629-1 Security update 5.1.2 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Backport security patches for Salt vendored tornado: CVE-2025-67724: missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fix DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fix HTTP header parameter parsing...

7.5CVSS5.5AI score0.00403EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/01/30 9:23 p.m.5 views

CVE-2026-24846

malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 1.8.0 and prior to version 1.20.3, malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or deb archive. The...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2026/01/29 9:12 p.m.9 views

CVE-2026-24846 malcontent's archive extraction could write outside extraction directory

malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 1.8.0 and prior to version 1.20.3, malcontent could be made to create symlinks outside the intended extraction directory when scanning a specially crafted tar or deb archive. The...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.8 views

Debian dla-4412 : libglib2.0-0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4412 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4412-1 [email protected]...

9.8CVSS7AI score0.00767EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 4: dpkg (TSSA-2025:0522)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0522 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References2
OSV
OSV
added 2025/10/09 3:49 p.m.9 views

CLSA-2025-1760024944 Fix CVE(s): CVE-2025-6297

SECURITY UPDATE: Fix directory cleanup vulnerability - dpkg-deb/info.c: Fix cleanup for control member with restricted directories - Add treewalk to set proper permissions before removal for non-root users - CVE-2025-6297...

8.2CVSS7.3AI score0.00341EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-14828

Malware in sbrugna...

7.8CVSS7.7AI score0.00545EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-0871

Malware in sbrugna...

7.5CVSS9.2AI score0.05035EPSS
Exploits0References11
Rows per page
Query Builder