125 matches found
GSD-2022-1001973 lz4: fix LZ4_decompress_safe_partial read out of bound
lz4: fix LZ4decompresssafepartial read out of bound This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.111 by commit...
F-Secure Anti-Virus 安全漏洞
F-secure F-Secure Anti-Virus is a suite of antivirus software from the Finnish company F-Secure F-secure. The program integrates several virus monitoring engines for real-time virus scanning of the operating system and provides powerful background management features. A security vulnerability...
UBUNTU-CVE-2021-39262
A crafted NTFS image can cause an out-of-bounds access in ntfsdecompress in NTFS-3G 2021.8.22...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression DecodeTreeBlock feature of AT&T Labs Xmill 0.7, which allows an attacker to supply a specially crafted XMI file leading to remote code execution...
libarchive RAR5 file decompression vulnerability
Libarchive is an open source, C programming library under the BSD license that implements streaming access to a variety of different archive formats. A RAR5 file decompression vulnerability exists in versions of libarchive prior to 3.4.2. The vulnerability stems from libarchive attempting to...
CVE-2019-16535
Аn OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol. Eldar Zaitov of Yandex Information Security Team...
Long Range Zip Denial of Service Vulnerability (CNVD-2019-14257)
Long Range Zip a.k.a. lrzip is an open source compression utility for large file compression.LZO is one of the lossless data compression algorithms used in... A security vulnerability exists in the 'lzo1xdecompress' function in the liblzo2.so.2 file of LZO version 2.10 used in lrzip version 0.631...
PT-2018-5238 · Poco +1 · Poco C++ Libraries +1
Name of the Vulnerable Software and Affected Versions: POCO C++ Libraries versions prior to 1.8 Description: The issue concerns a "file path injection vulnerability" in the ZipCommon::isValidPath function, which does not properly restrict the filename value in the ZIP header. This allows attacker...
CVE-2017-2991
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec related to decompression. Successful exploitation could lead to arbitrary code execution...
The vulnerability of the Flash Player software allows a malicious attacker to execute arbitrary code or cause a service failure.
The Flash Player software contains a vulnerability that stems from the use of memory after decompression in the ByteArray::UncompressViaZlibVariant function. This vulnerability can be exploited by malicious actors using a specially crafted swf file. As a result of exploiting this vulnerability,...
OurPHP backend has an arbitrary file upload vulnerability
OurPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. The upload file management module under the "Global/Interface" module in the administration background of OurPHP has the function of uploading hidden files. Since the...
miniunzip 'minizip.c' Directory Traversal Vulnerability
miniunzip is a decompression program. A directory traversal vulnerability exists in miniunzip 'minizip.c' when processing compressed files, allowing an attacker to exploit the vulnerability to overwrite system files...
DEBIAN-CVE-2014-0118
The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...
UBUNTU-CVE-2014-0118
The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...
CVE-2010-1879
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...
Design/Logic Flaw
Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."...
CVE-2010-1879
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...
CVE-2010-1879
CVE-2010-1879 corresponds to a remote code execution vulnerability in Microsoft DirectShow/Media Decompression. The issue affects Quartz.dll (DirectShow), Windows Media Format Runtime versions 9, 9.5, 11, Media Encoder 9, and Asycfilt.dll, where specially crafted media data (notably MJPEG in AVI ...
Development tips: ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net
I think we all have some opened 8 0 port of broiler bar,if it is domestic for security do not look down,if you do not wish to see,I dedicate ugly,in order to initiate. In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad...
Design/Logic Flaw
Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression...