Lucene search
K

86 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 8:49 p.m.10 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: gzip: gzip-1.14-2.2.hum1 aarch64, x8664 gzip-1.14-2.2.hum1.src src Security Fixes: gzip: CVE-2026-41911 CVE-2026-41991...

6.5CVSS5.8AI score0.00326EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 10:15 a.m.29 views

CVE-2026-41992

GNU gzip is affected by a global buffer overflow in the LZH decompression logic caused by reusing a shared global state across LZ77/LZW/LZH within a single run. The vulnerability arises from a global array not reinitialized between files, enabling an attacker to deplete or poison the shared state...

7.5CVSS6AI score0.00294EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53256

Name of the Vulnerable Software and Affected Versions GNU gzip affected versions not specified Description An issue exists in the LZH decompression logic where shared global state is improperly reused between different decompression formats during a single execution. The software maintains a glob...

7.5CVSS6AI score0.00294EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : gzip-1.10-9.el9 (AXSA:2022-3914:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3914:03 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

8.8CVSS8.2AI score0.04271EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.2 views

MiracleLinux 7 : gzip-1.5-11.el7 (AXSA:2022-3181:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3181:02 advisory. gzip: arbitrary-file-write vulnerability CVE-2022-1271 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

8.8CVSS8.2AI score0.04271EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.2 views

MiracleLinux 3 : gzip-1.3.5-11.1.1.AXS3 (AXSA:2010-76:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2010-76:01 advisory. The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Security bugs fixed with this release: CVE-2010-00...

6.8CVSS7.8AI score0.04774EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1231

Malware in sbrugna...

5CVSS6AI score0.03584EPSS
Exploits0References23
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-4323

Malware in sbrugna...

7.5CVSS6AI score0.05478EPSS
Exploits1References62
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-4322

Malware in sbrugna...

5CVSS6AI score0.03895EPSS
Exploits1References57
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10462

Malware in sbrugna...

5.8CVSS5.8AI score0.01361EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-0989

Malware in sbrugna...

3.7CVSS6AI score0.00655EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-2619

Malware in sbrugna...

6.8CVSS6AI score0.04179EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-4326

Malware in sbrugna...

5CVSS6AI score0.03607EPSS
Exploits1References62
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-4324

Malware in sbrugna...

7.5CVSS6AI score0.0551EPSS
Exploits1References62
RedHat Linux
RedHat Linux
added 2025/09/10 3:5 p.m.8 views

jetty-server: Jetty: Gzip Request Body Buffer Corruption

A flaw was found in Eclipse Jetty. This vulnerability allows corrupted and inadvertent data sharing between requests via a gzip error when inflating a request body. If the request body is malformed, the gzip decompression process can fail, resulting in the application inadvertently using data fro...

7.2CVSS7.1AI score0.00453EPSS
Exploits0References6
OSV
OSV
added 2025/07/10 2:30 p.m.10 views

USN-7630-1 resteasy, resteasy3.0 vulnerabilities

It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 16.04 LTS. CVE-2016-6345 It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by...

9.8CVSS7.3AI score0.04913EPSS
Exploits1References12
CVE
CVE
added 2025/05/08 5:29 p.m.360 views

CVE-2024-13009

CVE-2024-13009 (Jetty) affects Jetty 9.4.0–9.4.56 where a gzip error during inflating a request body can cause a buffer to be released incorrectly, potentially corrupting or sharing data between requests. Public IBM bulletins tie this CVE to IBM QRadar SIEM, IBM Storage Scale, and Tivoli Netcool/...

7.2CVSS7AI score0.00453EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/05 9:18 a.m.15 views

CVE-2025-0725 gzip integer overflow

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...

7.3CVSS7.1AI score0.01218EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2025/02/05 9:18 a.m.156 views

CVE-2025-0725

When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...

7.3CVSS6.9AI score0.01218EPSS
Exploits1
OSV
OSV
added 2023/09/04 11:50 a.m.14 views

USN-6335-1 busybox vulnerabilities

It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or execute arbitrary...

9.8CVSS7.1AI score0.02979EPSS
Exploits0References3
Rows per page
Query Builder