3663 matches found
ALSA-2022:8139 Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wavpack: Heap out-of-bounds read in WavpackPackSamples CVE-2021-44269 For more details about the security issues, including the impact, a CVSS score,...
ALSA-2022:7979 Low: speex security update
Speex is a patent-free compression format designed especially for speech. It is specialized for voice communications at low bit-rates. Security Fixes: speex: divide by zero in readsamples via crafted WAV file CVE-2020-23903 For more details about the security issues, including the impact, a CVSS...
Important: mingw-zlib security update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...
Moderate: logrotate security update
The logrotate utility simplifies the administration of multiple log files by allowing their automatic rotation, compression, removal, and mailing. Security Fixes: logrotate: potential DoS from unprivileged users via the state file CVE-2022-1348 For more details about the security issues, includin...
ALSA-2022:8420 Important: mingw-zlib security update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...
Low: speex security update
Speex is a patent-free compression format designed especially for speech. It is specialized for voice communications at low bit-rates. Security Fixes: speex: divide by zero in readsamples via crafted WAV file CVE-2020-23903 For more details about the security issues, including the impact, a CVSS...
Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wavpack: Heap out-of-bounds read in WavpackPackSamples CVE-2021-44269 For more details about the security issues, including the impact, a CVSS score,...
Unblob - Extract Files From Any Kind Of Container Formats
unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats , extracts their content recursively , and carves out unknown chunks that have not been accounted for. Unblob is free to use ,...
PT-2022-35643 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.220 Description: The issue is related to the xfrm component, specifically with the update of ipcomp scratches when freed. The actual impact and attack plausibility have not yet been proven. Recommendations:...
Metasploit Weekly Wrap-Up
ADCS - ESC Vulnerable certificate template finder Our very own Grant Willcox has developed a new module which allows users to query a LDAP server for vulnerable Active Directory Certificate Services AD CS certificate templates. The module will print the detected certificate details, and the attac...
Binary Vulnerability in Pbzip2
PBZIP2 is a concurrent compression program. A binary vulnerability exists in Pbzip2 that can be exploited by an attacker to cause a denial of service attack...
Pbzip2 has a binary vulnerability (CNVD-2022-88832)
PBZIP2 is a concurrent compression program. A binary vulnerability exists in Pbzip2 that can be exploited by an attacker to obtain sensitive information...
Debian dla-3176 : clickhouse-client - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3176 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3176-1 [email protected]...
zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large number of distant matches crafted payloads, the buffer into which the compressed or deflated data is written...
Important: Red Hat Security Advisory: mingw-zlib security update
An update for mingw-zlib is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
libtiff: reachable assertion
A reachable assertion failure was found in libtiff's JBIG functionality. This flaw allows an attacker who can submit a crafted file to an application linked with libtiff and using the JBIG functionality, causes a crash via an assertion failure, leading to a denial of service. The exact mechanism...
Low: Red Hat Security Advisory: wavpack security update
An update for wavpack is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
ALSA-2022:7558 Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy and a unique hybrid compression mode. Security Fixes: wavpack: Heap out-of-bounds read in WavpackPackSamples CVE-2021-44269 For more details about the security issues, including the impact, a CVSS score,...
ALSA-2022:7813 Important: mingw-zlib security update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...
Important: mingw-zlib security update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...