CVE-2025-66214

Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

Security Bulletin: Netty Affected by Decompression Flaw Where BrotliDecoder Allocates Unlimited Buffers, Enabling DoS, affects watsonx.data

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially...

CVE-2023-53866 ASoC: soc-compress: Reposition and add pcm_mutex

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: Reposition and add pcmmutex If paniconwarn is set and compress streamDPCM is started, then kernel panic occurred because card-pcmmutex isn't held appropriately. In the following functions, warning were issued ...

RHEL 9 : ghostscript (RHSA-2025:22869)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22869 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

EUVD-2025-201679

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

The CVE-2025-66324 entry concerns Huawei HarmonyOS with an input verification flaw in the compression/decompression module. The root cause is improper input validation. Impact is on app data integrity; CVSS/metrics in the sources indicate high integrity/overall risk, though explicit affected vers...

PT-2025-49521

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An input verification issue exists in the compression and decompression module. Successful exploitation could impact app data integrity. Recommendations At the moment, there is no information about a...

Information-Dense Reasoning for Efficient and Auditable Security Alert Triage

Security Operations Centers face massive, heterogeneous alert streams under minute-level service windows, creating the Alert Triage Latency Paradox: verbose reasoning chains ensure accuracy and compliance but incur prohibitive latency and token costs, while minimal chains sacrifice transparency a...

Linux Distros Unpatched Vulnerability : CVE-2025-66566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java- based decompressor implementations in lz4-java 1.10.0 and...

CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

UBUNTU-CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

go-toolset:rhel8 security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-121223 golang 1.25.3-1 - Update to Go 1.25.3 sync from CentOS Stream 9 - Build go-toolset as a subpackage - Preserve GOAMD64=v1 for RHEL 8 -...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly cleaning up the IPcomp tunnel state, which could lead to a memory leak...