369 matches found
CVE-2026-28954
CVE-2026-28954 describes a file-quarantine bypass where a malicious disk image could bypass Gatekeeper checks. Concrete details from connected advisories confirm affected Apple platforms and fixed versions: iOS 18.7.9 and iPadOS 18.7.9; macOS Sequoia 15.7.7; macOS Sonoma 14.8.7; macOS Tahoe 26.5....
CVE-2026-28954
A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks...
CVE-2026-28954
A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks...
SUSE CVE-2026-40025
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...
SUSE CVE-2026-40026
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
CVE-2026-40025
A flaw was found in The Sleuth Kit. An attacker can exploit this vulnerability by crafting a malicious Apple File System APFS disk image. This flaw allows for an out-of-bounds read in the APFS filesystem keybag parser, specifically within the wrappedkeyparser class, due to a lack of bounds checki...
UBUNTU-CVE-2026-40026
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...
CVE-2026-40025 Sleuth Kit APFS Keybag Parser Out-of-Bounds Read
The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...
EUVD-2018-21690
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...
CVE-2018-25216
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...
CVE-2018-25216 AnyBurn 4.3 Denial of Service Local Buffer Overflow
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...
CVE-2018-25216
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...
Libarchive: libarchive: denial of service via malformed iso file processing
...
EUVD-2019-19880
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...
CVE-2019-25566
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...
CVE-2019-25566
TransMac 12.3 is affected by a local denial-of-service vulnerability: a buffer overflow in the volume name field can crash the app when a long string is used (e.g., 1000 repeated characters during disk image creation). The connected CVE records confirm the issue and its impact as described; there...
PT-2026-26911
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...
CVE-2026-4426 Libarchive: libarchive: denial of service via malformed iso file processing
A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...
Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse
...
UBUNTU-CVE-2026-2243
A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition DoS...