Lucene search
K

52 matches found

NVD
NVD
added 5 days ago7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-15028

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References6
CVE
CVE
added 5 days ago14 views

CVE-2026-15028

In libarchive, CVE-2026-15028 describes a heap overflow triggered while parsing a tar archive’s PAX extended header with a malformed SUN.holesdata sparse-file attribute. The vulnerability is exploitable remotely to cause DoS or potentially arbitrary code execution on affected systems. The root ca...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 5 days ago7 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS6.2AI score0.00203EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago38 views

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...

3.9CVSS0.00203EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-57143

Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw in the parsing of a PAX extended header allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue specifically occurs when processi...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References11
Snyk
Snyk
added 2026/07/08 10:10 a.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing process of a tar archive containing a PAX extended header with a malformed SUN.holesdata sparse-file attribute. An attacker can cause a heap overflow and out-of-bounds read by supplying a...

3.9CVSS6.3AI score0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/07 5:55 a.m.3 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.8AI score0.00168EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/05/09 8:1 a.m.14 views

fs: init flags_valid before calling vfs_fileattr_get

...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.7 views

CVE-2026-43474

In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the "get" context where the kernel's internal filekattr structure is initialized before calling vfsfileattrget, we should use t...

5.8AI score0.00112EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that flagsvalid was not initialized before calling vfsfileattrget, potentially leading t...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.16 views

PT-2026-39135

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An uninitialized value bug exists where flags valid is not initialized before the vfs fileattr get function is called. This issue occurs because the fa variable is not handled with the...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-43474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the get context where the kernel's internal filekattr...

5.5CVSS6AI score0.00112EPSS
Exploits0References2
CVE
CVE
added 2026/04/21 12:1 p.m.47 views

CVE-2026-32147

Technical details about affected products/versions and remediation are not provided in the supplied documents; monitor for updates.

5.3CVSS5.8AI score0.00354EPSS
Exploits0References5Affected Software2
RedhatCVE
RedhatCVE
added 2026/01/15 12:0 a.m.9 views

CVE-2025-68772

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...

5.7AI score0.00168EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-0085

Malware in sbrugna...

2.1CVSS6.4AI score0.00395EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-9099

Malware in sbrugna...

5.5CVSS6.2AI score0.00424EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-40901

Malicious code in bioql PyPI...

10CVSS6.4AI score0.00678EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44858

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00363EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27143

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00222EPSS
Exploits0References3
Rows per page
Query Builder