313 matches found
EUVD-2026-22118
A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function childprocess.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly...
CVE-2026-6219
A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function childprocess.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly...
CVE-2026-6219 aandrew-me ytDownloader Compressor Feature compressor.js child_process.exec command injection
A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function childprocess.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly...
CVE-2026-6219
A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function childprocess.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly...
CVE-2026-6219
CVE-2026-6219 affects aandrew-me ytDownloader up to 3.20.2, specifically the Compressor Feature’s compressor.js where the function child_process.exec can be abused. The underlying issue is command injection via a local attack vector; exploitation is possible where an attacker can run arbitrary co...
ytDownloader 命令注入漏洞
ytDownloader is a multi-platform audio and video download tool developed by Andrew. Versions of ytDownloader 3.20.2 and earlier had a command injection vulnerability, which originated from the function childprocess.exec in the Compressor Feature component’s file src/compressor.js...
PT-2026-32530
A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function child process.exec of the file src/compressor.js of the component Compressor Feature. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicl...
Malicious code in neural-compressor-jax (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bb1f58a45ef1a06954d1807517faea8790a771906e95a98d571587558244ea3f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Airleader Master 代码问题漏洞
Airleader Master is a management device developed by the American company Airleader, used for managing air compressors. Versions of Airleader Master 6.381 and earlier contained code vulnerabilities due to unlimited file upload capabilities, which could lead to remote code execution...
SUSE CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044 PM: hibernate: Fix crash when freeing invalid crypto compressor
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044
In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...
CVE-2026-23044
The CVE-2026-23044 issue affects the Linux kernel where hibernate crash occurs if crypto_alloc_acomp() returns an ERR_PTR instead of NULL. The cleanup paths in save_compressed_image() and load_compressed_image() call crypto_free_acomp() unconditionally, dereferencing an invalid pointer in crypto_...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unchecked failure in the compressor’s allocation process. This failure may lead to the release...
CVE-2023-40209
Missing Authorization vulnerability in Himalaya Saxena Highcompress Image Compressor.This issue affects Highcompress Image Compressor: from n/a through 6.0.0...
CVE-2024-39368
Improper neutralization of special elements used in an SQL command 'SQL Injection' in some IntelR Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of privilege via adjacent access...
[SECURITY] Fedora 42 Update: perl-Alien-Brotli-0.2.2-11.fc42
This distribution installs the brotli compressor, so that it can be used by other distributions, and provides a way to find the executable...
Unity Linux 20.1070a Security Update: deepin-compressor (UTSA-2025-991249)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991249 advisory. deepin-compressor Tenable has extracted the preceding description block directly from the Unity Linux security advisory. Note that Nessus has not tested for this iss...