42 matches found
SUSE CVE-2026-48103
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
CVE-2026-48103
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the GetSecurity function in the WIM archive handler when processing a crafted WIM file. An attacker can cause a denial of service or potentially obtain minor information disclosure by supplying a specially crafted...
CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
EUVD-2026-34852
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
CVE-2026-48103
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
CVE-2026-48103
7-Zip versions 9.34–26.00 contain an off-by-one heap out-of-bounds read in the WIM archive handler (WIM security descriptor lookup). In WimHandler.GetSecurity, the per-image SecurOffsets table holds numEntries+1 offsets, and securityId == numEntries is allowed, causing reads at SecurOffsets[secur...
CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
PT-2026-46979
7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...
7-Zip >= 9.34 < 26.01 WIM / Ar SYMDEF OOB Read (GHSL-2026-115_GHSL-2026-122)
The version of 7-Zip installed on the remote Windows host is = 9.34 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's WIM SecurityId handling, which can lead to a crash when processing a crafted WIM image. CVE-2026-48103 - An...
CVE-2021-33599
A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service infinite loop and freezes AV engine scanner. The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the...
EUVD-2021-20283
Malware in sbrugna...
MAL-2025-10593 Malicious code in @zalastax/nolb-_wim (npm)
The package @zalastax/nolb-wim was found to contain malicious code...
CVE-2017-8773
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADERV1PACKED. This vulnerability can be...
virt:kvm_utils security update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libguestfs 1.40.2-28.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.40.2-28 -...
[SECURITY] Fedora 33 Update: wimlib-1.13.4-2.fc33
wimlib is a C library for creating, modifying, extracting, and mounting files in the Windows Imaging Format WIM files. wimlib and its command-line frontend 'wimlib-imagex' provide a free and cross-platform alternative to Microsoft's WIMGAPI, ImageX, and DISM...
CVE-2021-33599
A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service infinite loop and freezes AV engine scanner. The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the...
Design/Logic Flaw
A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service infinite loop and freezes AV engine scanner. The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the...
Ventoy - A New Bootable USB Solution
Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHDx/EFI files. With ventoy, you don't need to format the disk over and over, you just need to copy the image files to the USB drive and boot it. You can copy many image files at a time and ventoy will give you a boot menu...
SQL Injection Vulnerability in Qimage's Website Management System (Wim)
Hefei Qimai Network Technology Co., Ltd. specializes in website construction, website optimization, web hosting, domain name registration and other network services. A SQL injection vulnerability exists in Qimage's website management system Wim. Attackers can utilize this vulnerability to obtain...