Lucene search
K

3148 matches found

NVD
NVD
added yesterday9 views

CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS0.0035EPSS
Exploits0References5
CVE
CVE
added yesterday12 views

CVE-2026-14164

CVE-2026-14164 concerns libarchive’s RAR5 reader. A double-free arises when a filtered_buf pointer remains stale after being freed during unpack state reinitialization, allowing a second free on processing a subsequent archive entry. The issue is triggered by parsing a specially crafted RAR5 arch...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added yesterday7 views

CVE-2026-14164 Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-40259

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
Debian CVE
Debian CVE
added yesterday4 views

CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0
RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-14164

A double free issue has been identified in libarchive's RAR5 reader. During parsing of a specially crafted RAR5 archive, the filteredbuf pointer may remain stale after being freed during unpacking state reinitialization. Subsequent processing of another archive entry can trigger a second free of...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2 days ago7 views

Security update for xtrabackup (moderate)

openSUSE Security Update: Security update for xtrabackup Announcement ID: openSUSE-SU-2026:0221-1 Rating: moderate References: 1244285 Cross-References: CVE-2025-5918 CVSS scores: CVE-2025-5918 SUSE: 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE...

2.4CVSS5.8AI score0.00341EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 4 days ago9 views

EulerOS 2.0 SP15 : libarchive (EulerOS-SA-2026-2486)

According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of...

7.5CVSS7.1AI score0.00882EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 5 days ago8 views

SUSE SLES15 Security Update : libarchive (SUSE-SU-2026:2599-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2599-1 advisory. This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches...

9.8CVSS7.4AI score0.01073EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 5 days ago7 views

SUSE SLED15 / SLES15 Security Update : libarchive (SUSE-SU-2026:2490-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2490-1 advisory. This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length...

9.8CVSS6.5AI score0.01073EPSS
Exploits1References16
OSV
OSV
added 2026/06/22 9:4 a.m.2 views

SUSE-SU-2026:22248-1 Security update for libarchive

This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches bsc1253088. - CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop and DoS bsc1259635. - CVE-2026-4424:...

9.8CVSS7.3AI score0.01073EPSS
Exploits1References11
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libarchive

In libarchive before version 3.6.2, the software does not check for an error after calling the calloc function. This function may return a NULL pointer if it fails, leading to a NULL pointer being dereferenced. NOTE: The discoverer cites this CWE-476 issue, but third parties dispute its impact on...

9.8CVSS6.8AI score0.01936EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in libarchive

An improper link resolution flaw can occur during the extraction of an archive, resulting in changes to the mode, times, access control lists, and flags of a file within the archive. An attacker may provide a malicious archive to a victim user, triggering this flaw when the victim attempts to...

7.8CVSS6.6AI score0.00366EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libarchive

An improper link resolution flaw during the extraction of an archive can cause changes to the access control list ACL of the target of the link. An attacker may provide a malicious archive to a victim user, triggering this flaw when the victim tries to extract the archive. A local attacker may...

7.8CVSS7.4AI score0.00367EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libarchive

In libarchive versions 3.4.1 through 3.5.1, there is a use-after-free in the copystring function called from douncompressblock and processblock...

6.5CVSS7AI score0.02845EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in libarchive

Libarchive Remote Code Execution Vulnerability...

7.8CVSS6.7AI score0.87784EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in libarchive

A issue was discovered in libarchive bsdtar before version 3.8.1, in the function applysubstitution in the file tar/subst.c, when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to a denial of service Out-of-Memory crash...

5.5CVSS5.4AI score0.00139EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in libarchive

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are passed into bsdtar, potentially allowing for reading beyond the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior,...

6.6CVSS5.2AI score0.00341EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libarchive

“executefilteraudio” in “archivereadsupportformatrar.c” in “libarchive” before version 3.7.5 allows out-of-bounds access via a crafted archive file, as “src” can move beyond “dst”...

7.8CVSS6.1AI score0.00474EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libarchive

The executefilterdelta function in archivereadsupportformatrar.c in libarchive before version 3.7.5 allows for out-of-bounds access through a crafted archive file, as src may move beyond dst...

7.8CVSS6.1AI score0.00551EPSS
Exploits1References2
Rows per page
Query Builder