Lucene search
K

129 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.10 views

Astra Linux – Vulnerability in xz-utils

XZ Utils provides a general-purpose data-compression library along with command-line tools. Prior to version 5.8.3, if the lzmaindexdecoder function was used to decode an Index that contained no Records, the resulting lzmaindex would be in a state where subsequent calls to lzmaindex.Append would...

6.3CVSS6.3AI score0.00351EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/06/02 9:17 a.m.18 views

USN-8362-1: XZ Utils vulnerability

It was discovered that XZ Utils did not properly manage memory when attempting to append data to a decoded index that contained no records. An attacker could possibly use this issue to cause XZ Utils to crash, resulting in a denial of service, or execute arbitrary code...

6.3CVSS6AI score0.00351EPSS
Exploits0
Redos
Redos
added 2026/05/26 12:0 a.m.15 views

ROS-20260526-73-0007

A vulnerability in the lzmaindexappend function of the XZ Utils data compression package is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.3CVSS6.5AI score0.00351EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/04/30 9:50 a.m.88 views

Exploit for Embedded Malicious Code in Tukaani Xz

Security Review: CVE-2024-3094 XZ Utils Backdoor Автор:...

10CVSS8.9AI score0.85974EPSS
Exploits40
OSV
OSV
added 2026/04/27 7:36 a.m.4 views

ROOT-OS-DEBIAN-13-CVE-2026-34743 CVE-2026-34743 in rootio-xz-utils - Patched by Root

Root has patched CVE-2026-34743 in the rootio-xz-utils package for Root:Debian:13. Multiple fixed versions available...

6.3CVSS5.2AI score0.00351EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: xz (UTSA-2026-014304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014304 advisory. XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that...

6.3CVSS5.7AI score0.00351EPSS
Exploits0References4
OSV
OSV
added 2026/04/13 7:0 a.m.9 views

ROOT-OS-DEBIAN-11-CVE-2026-34743 CVE-2026-34743 in rootio-xz-utils - Patched by Root

Root has patched CVE-2026-34743 in the rootio-xz-utils package for Root:Debian:11. Multiple fixed versions available...

6.3CVSS5.8AI score0.00351EPSS
Exploits0
OSV
OSV
added 2026/04/11 2:3 p.m.6 views

OESA-2026-1853 xz security update

XZ Utils is free general-purpose data compression software with a high compression ratio. XZ Utils were written for POSIX-like systems, but also work on some not-so-POSIX systems. XZ Utils are the successor to LZMA Utils. Security Fixes: XZ Utils provide a general-purpose data-compression library...

6.3CVSS6AI score0.00351EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/11 12:0 a.m.6 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...

6.3CVSS6AI score0.00351EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.3 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-34743)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-34743 advisory. - XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to...

6.3CVSS6AI score0.00351EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/08 12:0 a.m.7 views

Beyond Single Reports: Evaluating Automated ATT&CK Technique Extraction in Multi-Report Campaign Settings

Large-scale cyberattacks, referred to as campaigns, are documented across multiple CTI reports from diverse sources, with some providing a high-level overview of attack techniques and others providing technical details. Extracting attack techniques from reports is essential for organizations to...

5.8AI score
Exploits0
OSV
OSV
added 2026/04/07 8:33 a.m.4 views

ROOT-OS-DEBIAN-12-CVE-2026-34743 CVE-2026-34743 in rootio-xz-utils - Patched by Root

Root has patched CVE-2026-34743 in the rootio-xz-utils package for Root:Debian:12. Multiple fixed versions available...

6.3CVSS5.8AI score0.00351EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/04 8:2 a.m.4 views

XZ Utils: Buffer overflow in lzma_index_append()

...

6.3CVSS5.8AI score0.00351EPSS
Exploits0
OSV
OSV
added 2026/04/02 7:21 p.m.7 views

ALPINE-CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

5.3CVSS5.8AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2026/04/02 7:21 p.m.5 views

CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

6.3CVSS0.00351EPSS
Exploits0References4
OSV
OSV
added 2026/04/02 7:21 p.m.2 views

UBUNTU-CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

6.3CVSS6AI score0.00351EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 6:36 p.m.2 views

CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

6.3CVSS6AI score0.00351EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 6:36 p.m.23 views

CVE-2026-34743 XZ Utils: Buffer overflow in lzma_index_append()

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

6.3CVSS0.00351EPSS
Exploits0References3
CVE
CVE
added 2026/04/02 6:36 p.m.94 views

CVE-2026-34743

XZ Utils contains a vulnerability (CVE-2026-34743) in lzma_index_append() when decoding an empty index with lzma_index_decoder(), which could leave the index in a state that permits a buffer overflow. The issue affects versions prior to 5.8.3; a patch is available in 5.8.3. Affected component is ...

6.3CVSS6AI score0.00351EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/02 6:36 p.m.3 views

CVE-2026-34743

XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzmaindexdecoder was used to decode an Index that contained no Records, the resulting lzmaindex was left in a state where where a subsequent lzmaindexappend would allocate too little...

6.3CVSS5.8AI score0.00351EPSS
Exploits0
Rows per page
Query Builder