3260 matches found
Zip Password Recovery buffer error vulnerability
KryLack Software Zip Password Recovery is an advanced software from KryLack Software. It is used to recover lost or forgotten passwords to Zip/WinZip archives. A buffer error vulnerability exists in Passcovery ZIP Password Recovery version 3.70.69.0, which stems from a buffer overflow vulnerabili...
DEBIAN-CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack...
CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack...
Design/Logic Flaw
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack...
Netty resource management error vulnerability
Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. A resource management error vulnerability exists in netty that stems from the Bzip2 decompression decoder function not allowin...
CVE-2021-37136
CVE-2021-37136 : The Bzip2 decompression decoder can set no limit on the decompressed output size, affecting all Bzip2Decoder users. This under- or over-allocates memory during decompression and can trigger an OutOfMemoryError, enabling DoS. Connected IBM/ASTRA entries reiterate the same descript...
PT-2021-6324 · Unknown +4 · Clickhouse +3
Name of the Vulnerable Software and Affected Versions: ClickHouse affected versions not specified Description: The issue is related to a heap buffer overflow in ClickHouse's LZ4 compression codec. This occurs when parsing a malicious query, as there is no verification that copy operations in the...
CVE-2021-42388
Heap out-of-bounds read in ClickHouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...
CVE-2021-43305
Heap buffer overflow in ClickHouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop, and especially the arbitrary copy operation `wildCopy<copy_amount>(op, ip, copy_end)`, don't exceed the destination buffer's limits. This iss...
Zephyr integer underflow vulnerability
Zephyr is a small real-time operating system for interconnected, resource-constrained embedded devices. An integer underflow vulnerability in 6LoWPAN IPHC header decompression in Zephyr 2.4.0 and later can be exploited by attackers to cause out-of-bounds access in the IPv6 parsing logic...
CVE-2021-33602
A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service o...
Design/Logic Flaw
A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service o...
CVE-2021-33602
The CVE-2021-33602 issue affects the F-Secure Antivirus engine, where unpacking a ZIP archive via LZW decompression can crash the scanning engine. Exploitation is described as remote and can result in Denial-of-Service of the antivirus engine. Supported sources (Red Hat, NVD, CVE lists, CNNVD) co...
F-Secure Anti-Virus security vulnerability
F-Secure Anti-Virus is a suite of antivirus software from the Finnish company F-Secure. The program integrates several virus monitoring engines for real-time virus scanning of the operating system and provides powerful background management features. A security vulnerability...
ntfs-3g: Out-of-bounds access in ntfs_decompress()
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
GHSA-GRG4-WF29-R9VV Bzip2Decoder doesn't allow setting size restrictions for decompressed data
Impact: The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack. Workarounds: No...