[SECURITY] Fedora 37 Update: libwebp-1.3.1-3.fc37

WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...

Fedora: Security Advisory for borgbackup (FEDORA-2023-34411d8f77)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-f8319bd876)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for borgbackup (FEDORA-2023-555f9fac30)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libwebp (FEDORA-2023-c4fa8a204d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: libwebp-1.3.1-3.fc39

WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...

CVE-2023-37281 Out-of-bounds read during IPHC address decompression

Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when processing the various IPv6 header fields during IPHC header decompression, Contiki-NG confirms the received packet buffer contains enough data as needed for that field. But no similar check is done...

[SECURITY] Fedora 39 Update: borgbackup-1.2.6-1.fc39

BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

HPACK decoder panics on invalid input

Due to insufficient checking of input data, decoding certain data sequences can lead to Decoder::decode panicking rather than returning an error. Example code that triggers this vulnerability looks like this: rust use hpack::Decoder; pub fn main let input = &0x3f; let mut decoder = Decoder::new;...

[SECURITY] Fedora 38 Update: libwebp-1.3.1-3.fc38

WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently...

[SECURITY] Fedora 38 Update: borgbackup-1.2.6-1.fc38

BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

[SECURITY] Fedora 37 Update: borgbackup-1.2.6-1.fc37

BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

PT-2023-25881 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG versions 4.9 and prior Description: Contiki-NG is an operating system for internet-of-things devices. The issue arises during IPHC header decompression when processing IPv6 header fields. Specifically, the system fails to check if...

Number withdrawn

p7zip is a compression software. This CVE number is withdrawn...

CVE-2023-20190

A vulnerability in the classic access control list ACL compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range...

CVE-2023-20190

A vulnerability in the classic access control list ACL compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range...

Cisco IOS XR Security Vulnerability

Cisco IOS XR is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from a security flaw in the classic access control list ACL compression feature that allows an unauthenticated attacker to bypass the AC...

PT-2023-28244 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

ImageRecycle pdf & image compression < 3.1.11 - Reflected XSS

Description The plugin does not sanitise and escape the page parameters before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

Oracle Linux 7 : advancecomp (ELSA-2020-1037)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1037 advisory. - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference Tenable has extracted the preceding description...