Use of Uninitialized Resource in libp2p-deflate

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

CVE-2020-36443

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

CVE-2020-36443

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

Code injection

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

CVE-2020-36443

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

CVE-2020-36443

CVE-2020-36443 affects the libp2p-deflate crate prior to 0.27.1 for Rust. Root cause: an uninitialized buffer is passed to AsyncRead::poll_read(), invoked by a user-provided trait implementation. Impact: potential memory exposure from uninitialized memory; CVSS v3.1 base score 9.8 (CRITICAL), net...

CVE-2021-21419

Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to...

Denial Of Service (DoS)

ws is vulnerable to denial of service DoS attacks. A malicious user is able to cause the process to crash by using the permessage-deflate extension...

GHSA-HF5H-HH56-3VRG Denial of Service in uws

Affected versions of uws do not properly handle large websocket messages when permessage-deflate is enabled, which may result in a denial of service condition. If uws recieves a 256Mb websocket message when permessage-deflate is enabled, the server will compress the message prior to executing the...

Denial of Service in uws

Affected versions of uws do not properly handle large websocket messages when permessage-deflate is enabled, which may result in a denial of service condition. If uws recieves a 256Mb websocket message when permessage-deflate is enabled, the server will compress the message prior to executing the...

OSV-2020-1598 Use-of-uninitialized-value in longest_match

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24804 Crash type: Use-of-uninitialized-value Crash state: longestmatch deflatefast deflate...

Denial Of Service (DoS)

cURL is vulnerable to denial of service DoS. When deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code...

Denial Of Service (DoS)

netty is vulnerable to denial of service DoS. During compression or decompression process of a streams of bytes using DEFLATE algorithm, the codec does not properly handle the buffer allocation sizes, leading to a memory pool exhaustion...

UBUNTU-CVE-2019-20382

QEMU 4.1.0 has a memory leak in zrlecompressdata in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd...

Xencrypt - A PowerShell Script Anti-Virus Evasion Tool

Tired of wasting lots of time obfuscating PowerShell scripts like invoke-mimikatz only to have them get detected anyway? Wouldn't it be awesome if you could take any script and automatically and with almost no effort generate a near-infinite amount of variants in order to defeat signature-based...

PT-2021-5788

Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2 Description A heap-based Buffer Overflow issue exists in the deflate16 function of the FFmpeg library, specifically in the libavfilter/vf neighbor.c file. This could lead to memory corruption and other potential consequences...

Fedora Update for advancecomp FEDORA-2019-b30b48200c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: advancecomp-2.1-11.fc30

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

Fedora Update for advancecomp FEDORA-2019-74a285d0ad

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: advancecomp-2.1-10.fc30

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...