139 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...
PT-2026-31471
Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse compressed.py that allows remote attackers to cause denial of service. Attackers can submit highly compressed payloads via URL parameters to the /json/visjs endpoint that expand to gigabytes, exhausting server...
UBUNTU-CVE-2025-68772
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...
CVE-2021-27345
A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service DOS via a crafted compressed file...
CVE-2021-27347
Use after free in lzmadecompressbuf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service DoS via a crafted compressed file...
EUVD-2005-1231
Malware in sbrugna...
EUVD-2008-3360
Malware in sbrugna...
EUVD-2018-1971
Malware in sbrugna...
EUVD-2007-1278
Malware in sbrugna...
EUVD-2008-6624
Malware in sbrugna...
EUVD-2021-14105
Malware in sbrugna...
EUVD-2023-46954
Malicious code in bioql PyPI...
CVE-2023-42521
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...
CVE-2020-25467
A null pointer dereference was discovered lzodecompressbuf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service DOS via a crafted compressed file...
[SECURITY] Fedora 41 Update: libxmp-4.6.2-3.fc41
Libxmp is a library that renders module files to PCM data. It supports over 90 mainstream and obscure module formats including Protracker MOD, Scream Tracker 3 S3M, Fast Tracker II XM, and Impulse Tracker IT. Many compressed module formats are supported, including popular Unix, DOS, and Amiga fil...
CVE-2024-12387
A vulnerability in the binary-husky/gptacademic repository, as of commit git 3890467, allows an attacker to crash the server by uploading a specially crafted zip bomb. The server decompresses the uploaded file and attempts to load it into memory, which can lead to an out-of-memory crash. This iss...
CVE-2024-12387
CVE-2024-12387 affects the binary-husky/gpt_academic repository (commit git 3890467). The issue arises from improper input validation when handling uploaded compressed files, allowing an attacker to upload a zip bomb that expands in memory and triggers a server out-of-memory crash. Multiple conne...
USN-7274-1 atril vulnerabilities
It was discovered that Atril incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2019-1010006 Andy Nguyen discovered that Atril incorrectly handled certain images...
CVE-2024-24122
CVE-2024-24122 describes a remote code execution in Wanxing Technology’s Yitu project management. A crafted exp.adpx file is treated as a zip archive with a special filename, enabling decompression of the project file into the system startup folder, followed by a system restart and automatic exec...
CVE-2024-42273
In the Linux kernel, the following vulnerability has been resolved: f2fs: assign CURSEGALLDATAATGC if blkaddr is valid mkdir /mnt/test/comp f2fsio setflags compression /mnt/test/comp dd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1 truncate --size 13 /mnt/test/comp/testfile In the above...