Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.12 views

EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2026-2372)

According to the versions of the libarchive packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddat...

7.5CVSS5.6AI score0.00693EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 6:6 p.m.25 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

7.5CVSS6.6AI score0.00882EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

TencentOS Server 4: libarchive (TSSA-2026:0308)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0308 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS7.9AI score0.01073EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.15 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.9)

The version of AHV installed on the remote host is prior to AHV-10.3.1.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.9 advisory. - The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for...

9.8CVSS7.4AI score0.0218EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/03/31 11:28 p.m.6 views

SUSE CVE-2026-5121

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for...

7.1CVSS6.7AI score0.01073EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.40 views

Linux Distros Unpatched Vulnerability : CVE-2026-5121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can...

9.8CVSS7.6AI score0.01073EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/03/19 3:16 p.m.6 views

CVE-2026-4426

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...

6.5CVSS5.9AI score0.00305EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/19 1:53 p.m.6 views

CVE-2026-4426

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...

6.5CVSS5.8AI score0.00305EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/19 1:53 p.m.4 views

CVE-2026-4426

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...

6.5CVSS5.8AI score0.00305EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/19 1:50 p.m.6 views

CVE-2026-4424

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

7.5CVSS5.8AI score0.00882EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-4426

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs...

6.5CVSS5.9AI score0.00305EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.12 views

EulerOS Virtualization 2.12.1 : libarchive (EulerOS-SA-2026-1435)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when...

7.8CVSS6.7AI score0.00341EPSS
Exploits3References6
Packet Storm
Packet Storm
added 2026/01/30 12:0 a.m.190 views

📄 libarchive RAR Double Free / Use-After-Free

This proof of concept demonstrates a memory management flaw in libarchive versions prior to 3.8.0 when handling malformed RAR headers. By supplying a corrupted RAR structure, the code forces error paths during archive parsing, leading to improper cleanup. As a result, the archive object may be...

7.8CVSS5.9AI score0.00326EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.5 views

macOS 14.x < 14.8.3 Multiple Vulnerabilities (125888)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.8.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing...

9.8CVSS7AI score0.16212EPSS
Exploits2References22
Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.7 views

AlmaLinux 10 : libarchive (ALSA-2025:14137)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:14137 advisory. libarchive: Double free at archivereadformatrarseekdata in archivereadsupportformatrar.c CVE-2025-5914 Tenable has extracted the preceding description block...

7.8CVSS6.7AI score0.00326EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2025-986096)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986096 advisory. listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact...

7.8CVSS5.8AI score0.00329EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-5915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over- read due to the size of a filter block potentially...

6.6CVSS6.9AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in libarchive

A vulnerability has been identified in the libarchive library. This flaw can lead to an over-reading of the heap buffer, as the size of a filter block may exceed the Lempel-Ziv-Storer-Schieber LZSS window. This means that the library may attempt to read beyond the allocated memory buffer, which c...

6.6CVSS6.1AI score0.00163EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-14501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw exists in parsefileinfo in archivereadsupportformatiso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file...

6.5CVSS6AI score0.02147EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/03 3:54 a.m.5 views

CVE-2025-25724

A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be...

4CVSS4.2AI score0.00329EPSS
Exploits1References6
Rows per page
Query Builder