Lucene search
K

369 matches found

CVE
CVE
added 2026/05/11 8:7 p.m.22 views

CVE-2026-28954

CVE-2026-28954 describes a file-quarantine bypass where a malicious disk image could bypass Gatekeeper checks. Concrete details from connected advisories confirm affected Apple platforms and fixed versions: iOS 18.7.9 and iPadOS 18.7.9; macOS Sequoia 15.7.7; macOS Sonoma 14.8.7; macOS Tahoe 26.5....

7.5CVSS5.8AI score0.00387EPSS
Exploits0References4Affected Software3
Vulnrichment
Vulnrichment
added 2026/05/11 8:7 p.m.7 views

CVE-2026-28954

A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks...

5.8AI score0.00387EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/11 8:7 p.m.38 views

CVE-2026-28954

A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks...

0.00387EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/09 11:25 p.m.7 views

SUSE CVE-2026-40025

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

4.8CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/09 11:25 p.m.8 views

SUSE CVE-2026-40026

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...

4.8CVSS6AI score0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/09 11:53 a.m.5 views

CVE-2026-40025

A flaw was found in The Sleuth Kit. An attacker can exploit this vulnerability by crafting a malicious Apple File System APFS disk image. This flaw allows for an out-of-bounds read in the APFS filesystem keybag parser, specifically within the wrappedkeyparser class, due to a lack of bounds checki...

6.1CVSS5.9AI score0.00123EPSS
Exploits0References2
OSV
OSV
added 2026/04/08 10:16 p.m.8 views

UBUNTU-CVE-2026-40026

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the ISO9660 filesystem parser where the parsesusp function trusts lenid, lendes, and lensrc fields from the disk image to memcpy data into a stack buffer without verifying that the source data falls within the parsed SU...

7.1CVSS6AI score0.00126EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/08 9:35 p.m.5 views

CVE-2026-40025 Sleuth Kit APFS Keybag Parser Out-of-Bounds Read

The Sleuth Kit through 4.14.0 contains an out-of-bounds read vulnerability in the APFS filesystem keybag parser where the wrappedkeyparser class follows attacker-controlled length fields without bounds checking, causing heap reads past the allocated buffer. An attacker can craft a malicious APFS...

4.8CVSS5.9AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/26 3:30 p.m.5 views

EUVD-2018-21690

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...

6.9CVSS6AI score0.00183EPSS
Exploits1References4
NVD
NVD
added 2026/03/26 2:16 p.m.6 views

CVE-2018-25216

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...

6.9CVSS0.00183EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/26 1:24 p.m.8 views

CVE-2018-25216 AnyBurn 4.3 Denial of Service Local Buffer Overflow

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...

6.9CVSS6AI score0.00183EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 1:24 p.m.2 views

CVE-2018-25216

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Attackers can paste a 10000-byte payload into the 'Image file name' parameter during the 'Copy disk to Image'...

6.9CVSS6AI score0.00183EPSS
Exploits1References3
Microsoft CVE
Microsoft CVE
added 2026/03/25 8:2 a.m.7 views

Libarchive: libarchive: denial of service via malformed iso file processing

...

6.5CVSS5.7AI score0.00305EPSS
Exploits0
EUVD
EUVD
added 2026/03/21 3:33 p.m.5 views

EUVD-2019-19880

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/21 12:47 p.m.4 views

CVE-2019-25566

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/21 12:47 p.m.16 views

CVE-2019-25566

TransMac 12.3 is affected by a local denial-of-service vulnerability: a buffer overflow in the volume name field can crash the app when a long string is used (e.g., 1000 repeated characters during disk image creation). The connected CVE records confirm the issue and its impact as described; there...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.7 views

PT-2026-26911

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/19 1:53 p.m.2 views

CVE-2026-4426 Libarchive: libarchive: denial of service via malformed iso file processing

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...

6.5CVSS5.8AI score0.00305EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/02/25 9:3 a.m.8 views

Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

...

10CVSS5.9AI score0.005EPSS
Exploits1
OSV
OSV
added 2026/02/19 6:25 p.m.7 views

UBUNTU-CVE-2026-2243

A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition DoS...

5.1CVSS5.7AI score0.00114EPSS
Exploits1References6
Rows per page
Query Builder