AdvanceCOMP 缓冲区错误漏洞

AdvanceCOMP is a cross-platform command line tool for data compression. The product is capable of optimizing compressed files and reducing their size. A security vulnerability exists in AdvanceCOMP v2.3, which stems from the inclusion of a heap buffer overflow...

AdvanceCOMP 安全漏洞

AdvanceCOMP is a cross-platform command line tool for data compression. The product is capable of optimizing compressed files and reducing their size. A security vulnerability exists in AdvanceCOMP v2.3 that stems from the inclusion of a segmentation error...

AdvanceCOMP 安全漏洞

AdvanceCOMP is a cross-platform command line tool for data compression. The product is capable of optimizing compressed files and reducing their size. A security vulnerability exists in AdvanceCOMP v2.3 that stems from the inclusion of a segmentation error...

AdvanceCOMP 安全漏洞

AdvanceCOMP is a cross-platform command line tool for data compression. The product is capable of optimizing compressed files and reducing their size. A security vulnerability exists in AdvanceCOMP v2.3 that stems from a segmentation error...

AdvanceCOMP 缓冲区错误漏洞

AdvanceCOMP is a cross-platform command line tool for data compression. The product is capable of optimizing compressed files and reducing their size. A security vulnerability exists in AdvanceCOMP v2.3, which stems from the inclusion of a heap buffer overflow...

Rocky Linux 8 : curl (RLSA-2022:6159)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6159 advisory. - curl 7.84.0 supports chained HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with differen...

CVE-2022-38791

In MariaDB before 10.9.2, compresswrite in extra/mariabackup/dscompress.cc does not release datamutex upon a stream write failure, which allows local users to trigger a deadlock...

Fedora: Security Advisory for zlib (FEDORA-2022-b58a85e167)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: zlib-1.2.11-31.fc35

Zlib is a general-purpose, patent-free, lossless data compression library which is used by many different programs...

curl security update

7.76.1-14.el90.5 - fix unpreserved file permissions CVE-2022-32207 - fix HTTP compression denial of service CVE-2022-32206 - fix FTP-KRB bad message verification CVE-2022-32208...

Oracle Linux 9 : curl (ELSA-2022-6157)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6157 advisory. - fix unpreserved file permissions CVE-2022-32207 - fix HTTP compression denial of service CVE-2022-32206 Tenable has extracted the preceding descripti...

curl: HTTP compression denial of service

A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a...

curl: HTTP compression denial of service

A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a...

curl security update

An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The curl packages provide the libcurl library and the curl utility for downloadi...

curl security update

7.61.1-22.el86.4 - fix HTTP compression denial of service CVE-2022-32206 - fix FTP-KRB bad message verification CVE-2022-32208...

PT-2022-37215 · Blosc2 · Blosc2

Name of the Vulnerable Software and Affected Versions: blosc2 affected versions not specified Description: The issue is related to a heap-buffer-overflow crash. Technical details about the crash include the do job function, blosc compress context, and blosc2 compress. Recommendations: At the...

Oracle Linux 8 : curl (ELSA-2022-6159)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6159 advisory. - fix HTTP compression denial of service CVE-2022-32206 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Explained: Steganography

Steganography is the prime example of effectively hiding something in plain sight. The word steganography comes from the Greek words "stegos" meaning "cover" and "grafia" meaning "writing." Steganography, then, is defined as "covered writing." In essence, we use the name steganography for every...

August 16, 2022—KB5016693 (OS Build 20348.946) Preview

August 16, 2022—KB5016693 OS Build 20348.946 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find o...

Fedora: Security Advisory for zlib (FEDORA-2022-3a92250fd5)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...