Lucene search
K

945 matches found

OSV
OSV
added 2026/06/30 9:10 a.m.7 views

SUSE-SU-2026:2696-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.1AI score0.00938EPSS
Exploits8References17
OSV
OSV
added 2026/06/23 12:46 p.m.2 views

OPENSUSE-SU-2026:21038-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References16
OSV
OSV
added 2026/06/23 12:43 p.m.3 views

SUSE-SU-2026:22347-1 Security update for 7zip

This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...

8.8CVSS6.4AI score0.00938EPSS
Exploits8References17
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw in memory writing within the Linux kernel’s UDF file system functionality was discovered. This flaw allows a user to trigger certain file operations, which in turn triggers udfwritefi. A local user could exploit this flaw to crash the system or potentially cause other malicious actions...

7.8CVSS6.8AI score0.00282EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/09 2:20 a.m.12 views

SUSE CVE-2026-48102

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

2.5CVSS5.6AI score0.00189EPSS
Exploits1References4
Snyk
Snyk
added 2026/06/05 5:13 p.m.7 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the CFileId::Parse function of the UDF disc image handler's File Identifier Descriptor parser. An attacker can access sensitive information or cause a crash by crafting a malicious UDF image that triggers an...

4.3CVSS5.5AI score0.00189EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/05 4:19 p.m.10 views

CVE-2026-48102

A flaw was found in 7-Zip. A remote attacker could exploit a heap out-of-bounds read vulnerability in the UDF Universal Disk Format disc image handler by tricking a user into opening a specially crafted UDF image file. This could lead to limited information disclosure, where an attacker might gai...

4.3CVSS5.7AI score0.00189EPSS
Exploits1References2
OSV
OSV
added 2026/06/05 4:16 p.m.33 views

ALPINE-CVE-2026-48102

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

4.3CVSS5.3AI score0.00189EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 3:19 p.m.15 views

CVE-2026-48102

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS5.6AI score0.00189EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 3:19 p.m.13 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS5.6AI score0.00189EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/05 3:19 p.m.65 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS0.00189EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/06/05 3:19 p.m.6 views

CVE-2026-48102

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

4.3CVSS5.5AI score0.00189EPSS
Exploits1References1
CVE
CVE
added 2026/06/05 3:19 p.m.34 views

CVE-2026-48102

7-Zip (versions 9.11–26.00) contains a heap out-of-bounds read in the UDF disc image handler (File Identifier Descriptor parser). In CFileId::Parse, after validating size and advancing to 38 + impLen + idLen, an alignment-padding loop reads up to 3 bytes past the end when (38 + impLen + idLen) % ...

4.3CVSS5.6AI score0.00189EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

7-Zip 缓冲区错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions 9.11 to 26.00 of 7-Zip contain a buffer error vulnerability. This vulnerability stems from the File Identifier Descriptor parser in the UDF disc image processor, where a heap out-of-bounds read occurs, potentially leading t...

4.3CVSS5.6AI score0.00189EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.18 views

7-Zip >= 9.11 < 26.01 UDF OOB Read (GHSL-2026-115_GHSL-2026-122)

The version of 7-Zip installed on the remote Windows host is = 9.11 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's UDF field handling, which can lead to a crash when processing a crafted UDF image. CVE-2026-48102 - A path...

4.3CVSS5.7AI score0.00189EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.10 views

SUSE CVE-2026-45991

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...

6.4CVSS5.8AI score0.00169EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 9:52 p.m.18 views

CVE-2026-45991

A flaw was found in the Linux kernel's Universal Disk Format UDF filesystem. A remote attacker could exploit this vulnerability by tricking a user into mounting a specially crafted UDF image containing repeated partition descriptors. This could lead to a heap out-of-bounds write, potentially...

7.8CVSS6AI score0.00169EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.14 views

EUVD-2026-32287

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...

5.8AI score0.00169EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.15 views

CVE-2026-45991

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...

7.8CVSS0.00169EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.12 views

UBUNTU-CVE-2026-45991

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in partdescsloc. handlepartitiondescriptor deduplicates entries by partition...

7.8CVSS5.7AI score0.00169EPSS
Exploits0References7
Rows per page
Query Builder