Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path through the hostIDReaderBSD.read function in sdk/resource/hostid.go. An attacker can execute a malicious kenv binary by placing it earlier in $PATH and triggering host ID detection on BSD or Solaris systems when...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path through the hostIDReaderBSD.read function in sdk/resource/hostid.go. An attacker can execute a malicious kenv binary by placing it earlier in $PATH and triggering host ID detection on BSD or Solaris systems when...

CLSA-2026-1775647149 libarchive: Fix of CVE-2024-20696

CVE-2024-20696: fix heap buffer overflow via negative copy length in RAR4 reader...

EUVD-2026-20016

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

DEBIAN-CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

UBUNTU-CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

CVE-2026-32288

CVE-2026-32288 affects Go’s archive/tar parsing of the old GNU sparse map format. A malicious tar with many sparse regions can trigger tar.Reader to allocate unbounded memory, potentially exhausting memory and causing high availability impact. Documented impact metrics show LOCAL attack vector, L...

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

CVE-2026-32288

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

PT-2026-32051

Уязвимость прикладного программного интерфейса util.readFileIntoStream программы просмотра и редактирования PDF-файлов Adobe Reader связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный JavaScript-к...

PT-2026-32093

Name of the Vulnerable Software and Affected Versions Acrobat DC versions prior to 26.001.21411 Acrobat Reader DC versions prior to 26.001.21411 Acrobat 2024 affected versions not specified Description An Improperly Controlled Modification of Object Prototype Attributes, also known as Prototype...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006633 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be...

GO-2026-4869 Unbounded allocation for old GNU sparse in archive/tar

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

Security Bulletin: Unbounded Memory Allocation in Go tar package When Processing Sparse Files, affects watsonx.data

Summary Go tar package's tar.Reader does not limit the number of sparse region blocks in GNU tar pax 1.0 sparse files. Malicious archives with many sparse regions can trigger excessive memory allocation, potentially causing memory exhaustion, even from small compressed inputs. This can affect...

CVE-2026-34621

creationtimestamp| type| source ---|---|--- 2026-04-07 04:00:00+00:00| published-proof-of-concept| https://justhaifei1.blogspot.com/2026/04/expmon-detected-sophisticated-zero-day-adobe-reader.html 2026-04-11 04:00:00+00:00| exploited| https://helpx.adobe.com/security/products/acrobat/apsb26-43.ht...

[SECURITY] Fedora 43 Update: calibre-9.6.0-1.fc43

Calibre is meant to be a complete e-library solution. It includes library management, format conversion, news feeds to ebook conversion as well as e-book reader sync features. Calibre is primarily a ebook cataloging program. It manages your ebook collection for you. It is designed around the...

VulnCheck KEV: CVE-2026-34621

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...

PT-2026-31065

Name of the Vulnerable Software and Affected Versions tar.Reader affected versions not specified Description tar.Reader can allocate an unbounded amount of memory when processing a specially crafted archive containing numerous sparse regions encoded using the "old GNU sparse map" format. This can...