Lucene search
K

824 matches found

OSV
OSV
added 2026/06/30 9:10 a.m.7 views

SUSE-SU-2026:2696-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.1AI score0.00938EPSS
Exploits8References17
OSV
OSV
added 2026/06/23 12:46 p.m.2 views

OPENSUSE-SU-2026:21038-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References16
OSV
OSV
added 2026/06/23 12:43 p.m.3 views

SUSE-SU-2026:22347-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RuggedCom Rox Integer Overflow or Wraparound (CVE-2024-57258)

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdifft is mishandled on x8664. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

7.8CVSS7.2AI score0.00233EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.16 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2336)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

9.8CVSS6.7AI score0.96267EPSS
Exploits232References84
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.19 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2293)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

9.8CVSS6.7AI score0.96267EPSS
Exploits232References84
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.11 views

SUSE CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

3.6CVSS5.5AI score0.00179EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.15 views

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2247)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 nfsd: fix RELEASELOCKOWNERCVE-2024-26629 bonding: limit BONDMODE8023AD to...

9.8CVSS7AI score0.96267EPSS
Exploits232References88
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.14 views

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2209)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 nfsd: fix RELEASELOCKOWNERCVE-2024-26629 bonding: limit BONDMODE8023AD to...

9.8CVSS7AI score0.96267EPSS
Exploits232References88
RedhatCVE
RedhatCVE
added 2026/06/08 1:35 p.m.12 views

CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 5:16 p.m.16 views

CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS0.00179EPSS
Exploits1References1
OSV
OSV
added 2026/06/05 5:16 p.m.4 views

ALPINE-CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.3AI score0.00179EPSS
Exploits1References1
Snyk
Snyk
added 2026/06/05 5:13 p.m.12 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the SquashFS archive handler due to uninitialized memory in the blockToNode array. An attacker can cause denial of service or potentially disclose heap information by providing a crafted SquashFS image...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References3
Snyk
Snyk
added 2026/06/05 4:46 p.m.9 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the SquashFS ReadBlock function. An attacker can cause disclosure of heap memory contents by providing a specially crafted SquashFS archive with a manipulated node.Offset value, which bypasses fragment bounds check...

8.1CVSS5.4AI score0.00324EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/05 3:56 p.m.6 views

CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 3:56 p.m.14 views

CVE-2026-48104 GHSL-2026-120: 7-Zip SquashFS BlockToNode uninitialized heap read

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References1
CVE
CVE
added 2026/06/05 3:56 p.m.33 views

CVE-2026-48104

7-Zip (versions 9.18–26.00) contains an uninitialized heap read in the SquashFS archive handler. A sparsely populated index array causes _blockToNode to be allocated for all metadata blocks but only populated when an inode crosses a block boundary; images with few inodes spanning many blocks leav...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/05 3:56 p.m.45 views

CVE-2026-48104 GHSL-2026-120: 7-Zip SquashFS BlockToNode uninitialized heap read

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS0.00179EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/05 3:56 p.m.12 views

EUVD-2026-34853

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.5AI score0.00179EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/05 3:56 p.m.5 views

CVE-2026-48104

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, blockToNode is allocated with capacity for every metadata block but populated...

4.2CVSS5.4AI score0.00179EPSS
Exploits1References1
Rows per page
Query Builder