CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/09/16 12:0 a.m.•2 views

EulerOS Virtualization 2.13.0 : libarchive (EulerOS-SA-2025-2171)

7.8CVSS5.7AI score0.00028EPSS

Tenable Nessus•added 2025/08/12 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-25724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other...

7.8CVSS6.4AI score0.00028EPSS

RedHat Linux•added 2025/06/24 6:58 a.m.•3 views

libarchive: Buffer Overflow vulnerability in libarchive

A flaw was found in the libarchive package. Affected versions of libarchive do not check a strftime return value, which can lead to a denial of service or unspecified other impacts via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be...

RedHat Linux•added 2025/06/24 1:13 a.m.•1 views

Exploits1References7

libarchive: Buffer Overflow vulnerability in libarchive

Tenable Nessus•added 2025/06/12 12:0 a.m.•2 views

Exploits1References7

EulerOS 2.0 SP11 : libarchive (EulerOS-SA-2025-1663)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or...

7.8CVSS5.8AI score0.00028EPSS

AstraLinux•added 2025/05/19 2:38 p.m.•1 views

Astra Linux - уязвимость в libarchive

listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custo...

OSV•added 2025/03/27 3:16 p.m.•1 views

DEBIAN-CVE-2025-31179

A flaw was found in gnuplot. The xstrftime function may lead to a segmentation fault, causing a system crash...

6.2CVSS6.1AI score0.0003EPSS

Exploits0References1

OSV•added 2025/03/21 1:18 p.m.•1 views

OESA-2025-1313 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

OSV•added 2025/03/21 1:18 p.m.•1 views

OESA-2025-1310 libarchive security update

7.8CVSS5.9AI score0.00028EPSS

Exploits2References3

Microsoft CVE•added 2025/03/19 7:0 a.m.•1 views

list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.

...

7.8CVSS5.4AI score0.00028EPSS

Exploits1

SUSE CVE•added 2025/03/06 3:1 a.m.•1 views

SUSE CVE-2025-25724

4CVSS7.2AI score0.00028EPSS

Exploits1References8

7.8CVSS5.5AI score0.00028EPSS

DEBIAN-CVE-2025-25724

7.8CVSS5.1AI score0.00028EPSS

ALPINE-CVE-2025-25724

OSV•added 2025/03/02 2:15 a.m.•1 views

AZL-57712 CVE-2025-25724 affecting package libarchive for versions less than 3.7.7-2

AZL-57720 CVE-2025-25724 affecting package libarchive for versions less than 3.6.1-5

UBUNTU-CVE-2025-25724

CVE•added 2025/03/02 12:0 a.m.•290 views

Exploits1References7

CVE-2025-25724

CVE-2025-25724 affects libarchive up to 3.7.7. The issue is in tar/util.c: list_item_verbose does not check the return value of strftime, which can enable a denial of service or other impact when reading a crafted TAR with verbose=2, potentially impacted by locale-specific buffer sizing. Connecte...