Lucene search
+L

49 matches found

osv
osv
added 2026/07/02 12:0 a.m.4 views

UBUNTU-CVE-2026-20243

A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in ALZ...

7.5CVSS7AI score0.00389EPSS
Exploits0References4
osv
osv
added 2026/06/23 1:2 p.m.3 views

OPENSUSE-SU-2026:21153-1 Security update for xar

This update for xar fixes the following issues: Changes in xar: - Switch to the maintained Apple xar lineage build 503, versioned 1.8.0.0.503: the mackyle 1.6.1 fork this package tracked has been dead since 2012, and Debian, Fedora and Gentoo all moved to Apple's xar apple-oss-distributions/xar...

9.8CVSS7.1AI score0.01935EPSS
Exploits0References8
osv
osv
added 2026/06/05 1:51 p.m.10 views

SUSE-SU-2026:22046-1 Security update for dpkg

This update for dpkg fixes the following issue: - CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service bsc1259385...

7.5CVSS5.4AI score0.00418EPSS
Exploits0References3
osv
osv
added 2026/06/05 1:51 p.m.4 views

SUSE-SU-2026:22085-1 Security update for dpkg

This update for dpkg fixes the following issue: - CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service bsc1259385...

7.5CVSS5.2AI score0.00418EPSS
Exploits0References3
osv
osv
added 2026/06/05 1:47 p.m.7 views

OPENSUSE-SU-2026:20909-1 Security update for dpkg

This update for dpkg fixes the following issue: - CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service bsc1259385...

7.5CVSS5.4AI score0.00418EPSS
Exploits0References2
osv
osv
added 2026/03/19 12:23 p.m.3 views

SUSE-SU-2026:20795-1 Security update for dpkg

This update for dpkg fixes the following issue: - CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service bsc1259385...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2026/03/07 9:16 a.m.8 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References2
debiancve
debiancve
added 2026/03/07 8:10 a.m.8 views

CVE-2026-2219

It was discovered that dpkg-deb a component of dpkg, the Debian package management system does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service infinite loop spinning the CPU...

7.5CVSS5.2AI score0.00418EPSS
Exploits0
attackerkb
attackerkb
added 2026/02/25 9:40 p.m.4 views

CVE-2026-27819

Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the restoreConfig function in vikunja/pkg/modules/dump/restore.go of the go-vikunja/vikunja repository fails to sanitize file paths within the provided ZIP archive. A maliciously crafted ZIP can bypass the...

7.2CVSS7.4AI score0.00739EPSS
Exploits1References3Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-2804

Malware in sbrugna...

4.3CVSS6AI score0.02286EPSS
Exploits0References10
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-0345

Malware in sbrugna...

5CVSS6.4AI score0.02984EPSS
Exploits0References12
susecve
susecve
added 2024/01/07 2:58 a.m.4 views

SUSE CVE-2019-13453

Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32 and zipfile.cpp:Zipfile::Zipfile...

6.5CVSS6.9AI score0.02026EPSS
Exploits0References2
amazon
amazon
added 2023/03/22 12:0 a.m.7 views

Important: golang

Issue Overview: A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. CVE-2021-33196 A validation flaw was found in golang. When invoking functions from WASM modules built...

9.8CVSS7.3AI score0.10299EPSS
Exploits8
susecve
susecve
added 2023/02/15 5:53 a.m.6 views

SUSE CVE-2011-1471

Integer signedness error in zipstream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service CPU consumption via a malformed archive file that triggers errors in zipfread function calls...

4.3CVSS6.6AI score0.13189EPSS
Exploits2References3
susecve
susecve
added 2023/02/15 4:13 a.m.5 views

SUSE CVE-2019-9923

paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers...

3.3CVSS7.7AI score0.03028EPSS
Exploits0References39
prion
prion
added 2019/07/17 3:15 p.m.19 views

Design/Logic Flaw

Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32 and zipfile.cpp:Zipfile::Zipfile...

4.3CVSS6.3AI score0.02026EPSS
Exploits0References4Affected Software1
osv
osv
added 2019/07/15 12:0 a.m.7 views

UBUNTU-CVE-2019-13453

Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32 and zipfile.cpp:Zipfile::Zipfile...

6.5CVSS6.6AI score0.02026EPSS
Exploits0References7
osv
osv
added 2019/04/10 2:33 p.m.9 views

SUSE-SU-2019:0926-1 Security update for tar

This update for tar fixes the following issues: Security issues fixed: - CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in paxdecodeheader bsc1130496. - CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file...

7.5CVSS4.9AI score0.03028EPSS
Exploits1References5
nessus
nessus
added 2019/03/25 12:0 a.m.30 views

Ubuntu 16.04 LTS : P7ZIP vulnerabilities (USN-3913-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3913-1 advisory. It was discovered that p7zip did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially...

8.8CVSS7.7AI score0.09795EPSS
Exploits3References3
redhatcve
redhatcve
added 2019/03/22 1:19 p.m.23 views

CVE-2019-9923

paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers...

7.5CVSS2.3AI score0.03028EPSS
Exploits0References2
Rows per page
Query Builder