3661 matches found
PT-2025-3648 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: The issue is related to the btrfs compression functionality in the Linux kernel, specifically with the zlib compression path for S390 hardware acceleration. The problem arises when...
Inefficient Compression
@lodestar/reqresp is vulnerable to Inefficient Compression. The vulnerability is due to inefficient compression in the snappy framing over SSZ encoded messages, allows an attacker to send specially crafted messages that exploit these inefficiencies, potentially causing resource exhaustion, system...
EulerOS 2.0 SP9 : unbound (EulerOS-SA-2025-1048)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to...
ROS-20250114-12
A vulnerability in the implementation of the Zstandard compression method of the 7-Zip archiver is related to integer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code provided that a user opens a specially generated archive. by a user opening a special...
EulerOS 2.0 SP9 : unbound (EulerOS-SA-2025-1065)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to...
EulerOS 2.0 SP10 : unbound (EulerOS-SA-2025-1015)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries t...
CLSA-2025-1736503760 unbound: Fix of CVE-2024-8508
CVE-2024-8508: Limit number of name compression calculations per packet to prevent CPU lock and potential denial of service...
PT-2025-6066
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free bug was introduced in the Linux kernel when the switch to the crypto acomp API was made for hardware acceleration in zswap. The issue occurs because the per-CPU acomp ct...
CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
DEBIAN-CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
UBUNTU-CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55628
Suricata is affected by CVE-2024-55628 due to DNS resource name compression before version 7.0.8, which can produce small DNS messages with very large hostnames and generate oversized log records. The issue has been addressed in Suricata 7.0.8 and later. (Supported by PTSecurity/PT-2025-48205, PT...
CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
CVE-2024-55628 Suricata oversized resource names utilizing DNS name compression can lead to resource starvation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
Suricata 安全漏洞
Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.8 that stems from the fact that DNS resource name compression may result in small DNS messages containing very large contained hostnames...
BREACH Attack
Varnish VCL templates are vulnerable to the BREACH vulnerability. The vulnerability is due to improper handling of HTTP compression, allowing secrets to be extracted through carefully crafted requests...
BREACH Attack
ibexa/post-install is vulnerable to the BREACH attack. The vulnerability is due to improper handling of HTTP compression, allowing secrets to be extracted through carefully crafted requests...
BREACH Attack
ibexa/http-cache is vulnerable to the BREACH Attack. The vulnerability is due to improper handling of HTTP compression, allowing secrets to be extracted through carefully crafted requests...