
3661 matches found

UbuntuCve
added 2019/07/25 12:0 a.m. | 24 views

CVE-2019-11922

A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used...

8.1 CVSS | 7.2 AI score | 0.01424 EPSS
Exploits: 0 | References: 5
FireEye
added 2019/07/25 12:0 a.m. | 15 views

Finding Evil in Windows 10 Compressed Memory, Part One: Volatility and Rekall Tools

Paging all digital forensicators, incident responders, and memory manager enthusiasts! Have you ever found yourself at a client site working around the clock to extract evil from a Windows 10 image? Have you hit the wall at step zero, running into difficulties viewing a process tree, or enumerati...

6.4 AI score
Exploits: 0 | References: 10
OSV
added 2019/07/25 12:0 a.m. | 1 views

UBUNTU-CVE-2019-11922

A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used...

8.1 CVSS | 7.4 AI score | 0.01424 EPSS
Exploits: 0 | References: 6
Ubuntu
added 2019/07/18 5:32 p.m. | 147 views

USN-4066-1: libmspack vulnerability

It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information...

5.5 CVSS | 6.8 AI score | 0.01464 EPSS
Exploits: 1
Debian
added 2019/07/07 8:9 p.m. | 228 views

[SECURITY] [DLA 1846-1] unzip security update

Package: unzip. Version: 6.0-16+deb8u4. CVE ID: CVE-2019-13232. Debian Bug: 931433. David Fifield discovered a way to construct non-recursive "zip bombs" that achieve a high compression ratio by overlapping files inside the zip container. However the output size increases quadratically in the inp...

3.3 CVSS | 4.3 AI score | 0.00495 EPSS
Exploits: 0
Github Security Blog
added 2019/07/05 9:11 p.m. | 31 views

HPACK Denial of Service vulnerability (HPACK Bomb)

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...

7.8 CVSS | 7.1 AI score | 0.01757 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
OSV
added 2019/07/05 9:11 p.m. | 24 views

GHSA-FFQ8-576R-V26G HPACK Denial of Service vulnerability (HPACK Bomb)

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...

8.7 CVSS | 7.3 AI score | 0.01757 EPSS
Exploits: 0 | References: 7
Debian
added 2019/06/24 8:24 p.m. | 165 views

[SECURITY] [DLA 1833-1] bzip2 security update

Package: bzip2. Version: 1.0.6-7+deb8u1. CVE ID: CVE-2016-3189 CVE-2019-12900. Two issues in bzip2, a high-quality block-sorting file compressor, have been fixed. One, CVE-2019-12900, is an out-of-bounds write when using a crafted compressed file. The other, CVE-2016-3189, is a potential...

9.8 CVSS | 9.1 AI score | 0.15685 EPSS
Exploits: 0
Check Point Advisories
added 2019/06/23 12:0 a.m. | 0 views

Gzip Enforcement

...

0.8 AI score
Exploits: 0
CNVD
added 2019/06/21 12:0 a.m. | 0 views

Cisco Email Security Appliance AsyncOS Software Remote Security Bypass Vulnerability

Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. A remote security bypass vulnerability exists in the GZIP decompression engine of AsyncOS Software in the Cisco ESA, which stems from the program...

5.8 CVSS | 6.9 AI score | 0.0135 EPSS
Exploits: 0 | References: 1
ATTACKERKB
added 2019/06/18 12:0 a.m. | 35 views

VLC zlib_decompress_extra Double Free Vulnerability

VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Tizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...

9.8 CVSS | 0.3 AI score | 0.02392 EPSS
Exploits: 0 | References: 9
Fedora
added 2019/06/04 2:22 a.m. | 27 views

[SECURITY] Fedora 29 Update: wavpack-5.1.0-13.fc29

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

6.5 CVSS | 2.4 AI score | 0.03044 EPSS
Exploits: 2
Fedora
added 2019/05/22 1:41 a.m. | 21 views

[SECURITY] Fedora 30 Update: wavpack-5.1.0-13.fc30

WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...

6.5 CVSS | 2.4 AI score | 0.03044 EPSS
Exploits: 1
OpenVAS
added 2019/05/22 12:0 a.m. | 28 views

Fedora Update for wavpack FEDORA-2019-52145aa7ca

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5 CVSS | 6.7 AI score | 0.03044 EPSS
Exploits: 1 | References: 2
Veracode
added 2019/05/16 3:19 a.m. | 27 views

Memory Corruption

libmspack is vulnerable to memory corruption. The vulnerability exists in the function TOLOWER of the file mspack/chmd.c of the component CHM Compression. This would impact the confidentiality, integrity, and availability of the system...

8.8 CVSS | 8.4 AI score | 0.03806 EPSS
Exploits: 0 | References: 15 | Affected Software: 1
Tenable Nessus
added 2019/05/16 12:0 a.m. | 17 views

Fedora 29 : php-pecl-imagick (2019-5dc1f4100e)

Version 3.4.4 - The 3.4.4 release is intended to be the last release other than small bug fixes that will support either PHP 5.x, or ImageMagick 6.x. The next planned release will be PHP 7.0 and ImageMagick 7.0 at least, if not higher. - Added: - function Imagick::optimizeImageTransparency -...

9.8 CVSS | 7 AI score | 0.01972 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2019/05/16 12:0 a.m. | 25 views

Fedora 30 : php-pecl-imagick (2019-488d0f9a4b)

Version 3.4.4 - The 3.4.4 release is intended to be the last release other than small bug fixes that will support either PHP 5.x, or ImageMagick 6.x. The next planned release will be PHP 7.0 and ImageMagick 7.0 at least, if not higher. - Added: - function Imagick::optimizeImageTransparency -...

9.8 CVSS | 7 AI score | 0.01972 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2019/05/16 12:0 a.m. | 28 views

Fedora 28 : php-pecl-imagick (2019-9448fa46f3)

Version 3.4.4 - The 3.4.4 release is intended to be the last release other than small bug fixes that will support either PHP 5.x, or ImageMagick 6.x. The next planned release will be PHP 7.0 and ImageMagick 7.0 at least, if not higher. - Added: - function Imagick::optimizeImageTransparency -...

9.8 CVSS | 7 AI score | 0.01972 EPSS
Exploits: 0 | References: 2
OpenVAS
added 2019/05/07 12:0 a.m. | 70 views

Fedora Update for wavpack FEDORA-2019-88f264563f

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2 AI score
Exploits: 0 | References: 2
OpenVAS
added 2019/05/07 12:0 a.m. | 70 views

Fedora Update for libmspack FEDORA-2018-a5953af115

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8 CVSS | 7.4 AI score | 0.03806 EPSS
Exploits: 1 | References: 2