368 matches found
CVE-2026-24857
bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...
SUSE CVE-2026-24857
bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor's embedded unrar code has a heap-buffer-overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out-of-bounds write in Unpack::CopyString, leading to a crash under ASAN and...
CVE-2026-24857
bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...
EUVD-2026-4855
bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...
CVE-2026-24857 bulk_extractor has Heap-based Buffer Overflow vulnerability
bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...
CVE-2025-55095
The function uxhostclassstoragemediamount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in...
CVE-2025-55095
The function uxhostclassstoragemediamount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in...
CVE-2010-0065
Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted disk image with bzip2 compression...
New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper
Cybersecurity researchers have discovered a new variant of a macOS information stealer called MacSync that's delivered by means of a digitally signed, notarized Swift application masquerading as a messaging app installer to bypass Apple's Gatekeeper checks. "Unlike earlier MacSync Stealer variant...
UBUNTU-CVE-2023-54140
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...
PT-2025-53217
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the nilfs2 file system within the Linux kernel where a kernel warning or panic may occur due to the reuse of discarded buffers in the mark buffer dirty function,...
Apple macOS Tahoe Insufficient Privilege Restriction Vulnerability
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a permission restriction insufficiency vulnerability that stems from a flaw in the system'...
CVE-2025-43470
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...
CVE-2025-43470
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...
CVE-2025-43470
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...
EUVD-2025-203135
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...
CVE-2025-43470
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...
CVE-2025-43470
CVE-2025-43470 is a macOS Tahoe 26.x vulnerability where a standard user could view files from a disk image created by an administrator due to insufficient permission checks. The public descriptions consistently state a permissions issue that was addressed with additional restrictions, and that t...
CVE-2025-43470
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator...
Apple macOS Tahoe 安全漏洞
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a permission restriction insufficiency vulnerability that stems from a flaw in the system'...