Lucene search
K

125 matches found

OSV
OSV
added 2022/04/24 9:59 p.m.6 views

GSD-2022-1001973 lz4: fix LZ4_decompress_safe_partial read out of bound

lz4: fix LZ4decompresssafepartial read out of bound This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.111 by commit...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2021/10/06 12:0 a.m.4 views

F-Secure Anti-Virus 安全漏洞

F-secure F-Secure Anti-Virus is a suite of antivirus software from the Finnish company F-Secure F-secure. The program integrates several virus monitoring engines for real-time virus scanning of the operating system and provides powerful background management features. A security vulnerability...

5.5CVSS5.9AI score0.00563EPSS
Exploits0References3
OSV
OSV
added 2021/09/07 3:15 p.m.3 views

UBUNTU-CVE-2021-39262

A crafted NTFS image can cause an out-of-bounds access in ntfsdecompress in NTFS-3G 2021.8.22...

7.8CVSS6.8AI score0.00418EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.5 views

AT&T Labs Xmill 缓冲区错误漏洞

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression DecodeTreeBlock feature of AT&T Labs Xmill 0.7, which allows an attacker to supply a specially crafted XMI file leading to remote code execution...

9.8CVSS8.2AI score0.01136EPSS
Exploits1References5
CNVD
CNVD
added 2020/02/21 12:0 a.m.3 views

libarchive RAR5 file decompression vulnerability

Libarchive is an open source, C programming library under the BSD license that implements streaming access to a variety of different archive formats. A RAR5 file decompression vulnerability exists in versions of libarchive prior to 3.4.2. The vulnerability stems from libarchive attempting to...

8.8CVSS7AI score0.02251EPSS
Exploits0References1
ClickHouse
ClickHouse
added 2019/09/10 12:0 a.m.10 views

CVE-2019-16535

Аn OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol. Eldar Zaitov of Yandex Information Security Team...

9.8CVSS5.4AI score0.01695EPSS
Exploits0
CNVD
CNVD
added 2019/04/01 12:0 a.m.1 views

Long Range Zip Denial of Service Vulnerability (CNVD-2019-14257)

Long Range Zip a.k.a. lrzip is an open source compression utility for large file compression.LZO is one of the lossless data compression algorithms used in... A security vulnerability exists in the 'lzo1xdecompress' function in the liblzo2.so.2 file of LZO version 2.10 used in lrzip version 0.631...

5.5CVSS6.9AI score0.01184EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/01/03 12:0 a.m.11 views

PT-2018-5238 · Poco +1 · Poco C++ Libraries +1

Name of the Vulnerable Software and Affected Versions: POCO C++ Libraries versions prior to 1.8 Description: The issue concerns a "file path injection vulnerability" in the ZipCommon::isValidPath function, which does not properly restrict the filename value in the ZIP header. This allows attacker...

9.8CVSS7.5AI score0.06643EPSS
Exploits2References22
OSV
OSV
added 2017/02/15 6:59 a.m.1 views

CVE-2017-2991

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec related to decompression. Successful exploitation could lead to arbitrary code execution...

8.8CVSS6AI score0.08666EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.8 views

The vulnerability of the Flash Player software allows a malicious attacker to execute arbitrary code or cause a service failure.

The Flash Player software contains a vulnerability that stems from the use of memory after decompression in the ByteArray::UncompressViaZlibVariant function. This vulnerability can be exploited by malicious actors using a specially crafted swf file. As a result of exploiting this vulnerability,...

10CVSS8.3AI score0.8582EPSS
Exploits5References4Affected Software1
CNVD
CNVD
added 2016/05/16 12:0 a.m.4 views

OurPHP backend has an arbitrary file upload vulnerability

OurPHP 傲派建站系统 is a website content management system developed using PHP language, the developer is Harbin Weicheng Technology Co. The upload file management module under the "Global/Interface" module in the administration background of OurPHP has the function of uploading hidden files. Since the...

7AI score
Exploits0
CNVD
CNVD
added 2015/01/06 12:0 a.m.2 views

miniunzip 'minizip.c' Directory Traversal Vulnerability

miniunzip is a decompression program. A directory traversal vulnerability exists in miniunzip 'minizip.c' when processing compressed files, allowing an attacker to exploit the vulnerability to overwrite system files...

5.5CVSS6.9AI score0.04086EPSS
Exploits0References1
OSV
OSV
added 2014/07/20 11:12 a.m.2 views

DEBIAN-CVE-2014-0118

The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...

4.3CVSS8.8AI score0.37156EPSS
Exploits0References1
OSV
OSV
added 2014/07/20 12:0 a.m.3 views

UBUNTU-CVE-2014-0118

The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...

4.3CVSS6.8AI score0.37156EPSS
Exploits0References4
NVD
NVD
added 2010/06/08 10:30 p.m.24 views

CVE-2010-1879

Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...

9.3CVSS7.5AI score0.20284EPSS
Exploits1References3
Prion
Prion
added 2010/06/08 10:30 p.m.13 views

Design/Logic Flaw

Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."...

9.3CVSS8AI score0.21221EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2010/06/08 10:0 p.m.29 views

CVE-2010-1879

Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...

7.4AI score0.20284EPSS
Exploits1References3
CVE
CVE
added 2010/06/08 10:0 p.m.80 views

CVE-2010-1879

CVE-2010-1879 corresponds to a remote code execution vulnerability in Microsoft DirectShow/Media Decompression. The issue affects Quartz.dll (DirectShow), Windows Media Format Runtime versions 9, 9.5, 11, Media Encoder 9, and Asycfilt.dll, where specially crafted media data (notably MJPEG in AVI ...

9.3CVSS7.5AI score0.20284EPSS
Exploits1References3Affected Software1
myhack58
myhack58
added 2009/07/21 12:0 a.m.14 views

Development tips: ASP Trojan FTP and decompression-vulnerability warning-the black bar safety net

I think we all have some opened 8 0 port of broiler bar,if it is domestic for security do not look down,if you do not wish to see,I dedicate ugly,in order to initiate. In broilers placed on the website,the most troublesome is probably the update and upload a lot of files, Terminal Services broad...

7.4AI score
Exploits0
Prion
Prion
added 2009/04/15 8:0 a.m.15 views

Design/Logic Flaw

Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression...

9.3CVSS8.1AI score0.31808EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder