34 matches found
CVE-2026-48092
A flaw was found in 7-Zip, a file archiver. This vulnerability, affecting 32-bit builds, involves a heap memory disclosure caused by an integer overflow in the SquashFS ReadBlock function. An attacker can exploit this by providing a specially crafted archive, which, when processed, allows the...
CVE-2026-48092
7-Zip (versions 9.34–26.00) contains a heap memory disclosure via a SquashFS fragment offset integer overflow on 32-bit builds. A 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset to bypass the fragment bounds check, causing memcpy to read heap m...
openSUSE 16 Security Update : ocaml (openSUSE-SU-2026:20368-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2026:20368-1 advisory. - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992 Tenable has extracted the preceding description...
OPENSUSE-SU-2026:20368-1 Security update for ocaml
This update for ocaml fixes the following issues: - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ocaml (SUSE-SU-2026:0830-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0830-1 advisory. - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992...
SUSE: Security Advisory (SUSE-SU-2026:0800-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : ocaml (SUSE-SU-2026:0800-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0800-1 advisory. - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Tenable has extracted the precedin...
Security update for ocaml
This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch"...
SUSE-SU-2026:0830-1 Security update for ocaml
This update for ocaml fixes the following issues: - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992...
Security update for ocaml
This update for ocaml fixes the following issues: CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch"...
SUSE-SU-2026:0800-1 Security update for ocaml
This update for ocaml fixes the following issues: - CVE-2026-28364: missing bounds validation in readblock can lead to arbitrary code execution bsc1258992...
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.
...
AZL-78495 CVE-2026-28364 affecting package ocaml 5.1.1-1
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operation...
CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operation...
UBUNTU-CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operation...
CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operation...
CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operation...
PT-2026-22292
Name of the Vulnerable Software and Affected Versions: OCaml versions prior to 4.14.3; OCaml 5.x versions prior to 5.4.1. Description: A flaw exists in the Marshal deserialization process due to a missing bounds check within the readblock function. This allows for a buffer over-read, potentially...
EUVD-2017-2614
Malware in sbrugna...
PT-2023-20857 · Xpdf · Xpdf
Name of the Vulnerable Software and Affected Versions: XPDF version 4.04 Description: A Buffer Overflow issue allows an attacker to cause a Denial of Service. The issue is related to the readBlock function at /xpdf/Stream.cc. Recommendations: For XPDF version 4.04, at the moment, there is no...