3661 matches found
CVE-2024-54016 compression bomb attack in Apache Seata Server
Improper Handling of Highly Compressed Data Data Amplification vulnerability in Apache Seata incubating. This issue affects Apache Seata incubating: through =2.2.0. Users are recommended to upgrade to version 2.3.0, which fixes the issue...
brotli bug fix and enhancement update
An update is available for brotli. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Brotli is a generic-purpose lossless compression algorithm that compresses dat...
[SECURITY] Fedora 42 Update: gdcm-3.0.24-8.fc42
Grassroots DiCoM GDCM is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 huffman compression is not supported, RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic
...
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic
...
PT-2025-25842
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A compression buffer overrun issue has been identified in the Linux kernel's LZO compression code. Unlike the decompression code, the compression code did not check for output overruns,...
Linux Distros Unpatched Vulnerability : CVE-2024-55628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name...
Linux Distros Unpatched Vulnerability : CVE-2024-8508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name...
SUSE CVE-2025-1866
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...
PT-2025-16767
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A potential deadloop issue in the Linux kernel's f2fs file system has been resolved. The problem occurred when the f2fs prepare compress overwrite function looped reading compressed...
CVE-2025-27316
Cross-Site Request Forgery CSRF vulnerability in hosting.io JPG, PNG Compression and Optimization wp-image-compression allows Cross Site Request Forgery.This issue affects JPG, PNG Compression and Optimization: from n/a through = 1.7.35...
CVE-2021-47650
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: prevent the potentially use of null pointer There is one call trace that sndsocregistercard -sndsocbindcard-socinitpcmruntime -sndsocdaicompressnew-sndsocnewcompress. In the trace the 'codecdai' transfers from...
CVE-2022-49167
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not double complete bio on errors during compressed reads I hit some weird panics while fixing up the error handling from btrfslookupbiosums. Turns out the compression path will complete the bio we use if we set up any ...
Medium: python-jwcrypto
Issue Overview: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot o...
WordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin JPG, PNG Compression and Optimization versions = 1.7.35...
CVE-2025-27316 WordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in hosting.io JPG, PNG Compression and Optimization wp-image-compression allows Cross Site Request Forgery.This issue affects JPG, PNG Compression and Optimization: from n/a through = 1.7.35...
CVE-2025-27316
CVE-2025-27316 : The WordPress plugin JPG, PNG Compression and Optimization (WP Image Compression) is affected. A CSRF vulnerability exists in versions up to and including 1.7.35, enabling cross-site request forgery. The public details specify the vulnerability and affected version range but do n...
WordPress plugin JPG, PNG Compression and Optimization 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
This update for the Linux Kernel 5.14.21-1505005565 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2022-48923: btrfs: prevent...
AZL-58989 CVE-2025-21693 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...