2501 matches found
CVE-2026-6535
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
EUVD-2026-26342
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6535
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6535
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6535 Improperly Controlled Sequential Memory Allocation in Wireshark
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6535
Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
Low: nodejs22
Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...
Wireshark 安全漏洞
Wireshark is a set of network packet analysis software developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...
Low: nodejs20
Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...
Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2026-1608)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1608 advisory. A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to...
Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1616)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1616 advisory. A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to...
Medium: nodejs24
Issue Overview: @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1609)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1609 advisory. @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbound...
Linux Distros Unpatched Vulnerability : CVE-2026-6535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service CVE-2026-6535 Note that Nessus relies on the...
PT-2026-36072
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description A crash in the dissection engine during zlib decompression can lead to a denial of service. Recommendations Update Wireshark versions 4.6.0 through 4.6....
KLA91016 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Monero protocol dissector can be exploited to cause a denial...
Security Bulletin: Due to the use of Perl, IBM Tivoli Network Manager IP Edition (ITNM) is affected by vulnerable version of Zlib within Perl.
Summary Perl is used by IBM Tivoli Network Manager IP Edition ITNM for core agents processing, collectors and general tooling CVE-2026-4176. Vulnerability Details CVEID:CVE-2026-4176 DESCRIPTION: Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9...
zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption
...
Buffer Overflow
zlib is vulnerable to a buffer overflow. The vulnerability is due to insufficient capacity validation in the zstreambufferungets function of Zlib::GzipReader before shifting existing data with memmove, which allows an attacker to trigger memory corruption by supplying crafted input that causes th...
EUVD-2026-23278
Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption...