Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: sleuthkit (UTSA-2026-014271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014271 advisory. The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intende...

OESA-2026-1939 sleuthkit security update

The Sleuth Kit previously known as TASK is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can...

OESA-2026-1936 sleuthkit security update

The Sleuth Kit previously known as TASK is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can...

Linux Distros Unpatched Vulnerability : CVE-2026-40024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the...

CVE-2026-40024

A flaw was found in The Sleuth Kit, specifically in the tskrecover tool. An attacker can exploit this path traversal vulnerability by providing a specially crafted filesystem image containing malicious filenames or directory paths with path traversal sequences. This allows the attacker to write...

DEBIAN-CVE-2026-40024

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can...

CVE-2026-40024

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can...

UBUNTU-CVE-2026-40024

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can...

CVE-2026-40024

The vulnerability affects Sleuth Kit up to version 4.14.0, specifically in the tsk_recover component. A path traversal flaw allows an attacker to write files outside the intended recovery directory by crafting filesystem images with embedded /.. sequences in filenames, which can lead to overwriti...

CVE-2026-40024 Sleuth Kit tsk_recover Path Traversal

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can...

CVE-2026-40024 Sleuth Kit tsk_recover Path Traversal

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tskrecover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002402 advisory. Use-after-free vulnerability in the xacctaddtsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive...

EUVD-2017-5277

Malware in sbrugna...

EUVD-2017-5272

Malware in sbrugna...

SUSE CVE-2017-13760

In The Sleuth Kit TSK 4.4.2, fls hangs on a corrupt exfat image in tskimgread in tsk/img/imgio.c in libtskimg.a...

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Linux Linux_Kernel

Bypassing Spectre-BTI User Space Mitigations on Linux Th...

CVE-2018-19497

In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...

OSV-2021-709 Index-out-of-bounds in tsk_img_read

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33805 Crash type: Index-out-of-bounds Crash state: tskimgread APFSPool::read APFSBlock::APFSBlock...

Fedora: Security Advisory for sleuthkit (FEDORA-2020-94c2f78e0c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-10232

In version 4.8.0 and earlier of The Sleuth Kit TSK, there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfsistat in fs/yaffs.c...