Lucene search
K

5 matches found

EUVD
EUVD
added 2026/06/17 1:45 p.m.11 views

EUVD-2026-37712

A stack-based buffer overflow exists in the rawtoheader function in src/microtar.c in rxi microtar 0.1.0. The function copies the 100-byte name and linkname fields of a TAR header with strcpy without guaranteeing null termination of the source. The POSIX ustar format permits these fixed-width...

8.8CVSS6.2AI score0.00635EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/04 12:4 p.m.13 views

CVE-2026-43623

A flaw was found in microtar. A remote attacker could exploit a stack-based buffer overflow vulnerability in the rawtoheader function by supplying a crafted TAR archive with non-null-terminated name or linkname fields. This flaw allows the attacker to corrupt adjacent stack memory, which may lead...

8.8CVSS6.3AI score0.00318EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 6:4 p.m.11 views

CVE-2026-43623

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the rawtoheader function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS6AI score0.00318EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/01 6:4 p.m.38 views

CVE-2026-43623 microtar 0.1.0 Stack-Based Buffer Overflow via raw_to_header()

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the rawtoheader function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS0.00318EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45517

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw to header function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

8.8CVSS6AI score0.00318EPSS
Exploits0References5
Rows per page
Query Builder