142 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...
CVE-2026-56138
AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. The endpoint accepts item identifiers through the s1 and s2 query parameters and, prior to the fix, attempted to retrieve and compare item contents without first verifying that both referenced items existed ...
CVE-2026-27460 Tandoor Recipes Affected by Denial of Service via Recipe Import
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a critical Denial of Service DoS vulnerability was in the recipe import functionality. This vulnerability allows an authenticated user to crash the server or make a significantly...
PT-2026-31471
Name of the Vulnerable Software and Affected Versions Unfurl versions prior to 2026.04 Description Unfurl contains a flaw in the parse compressed.py component due to unbounded zlib decompression. Remote attackers can leverage this to cause a denial of service. Specifically, attackers can send...
UBUNTU-CVE-2025-68772
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...
CVE-2021-27345
A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service DOS via a crafted compressed file...
CVE-2021-27347
Use after free in lzmadecompressbuf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service DoS via a crafted compressed file...
EUVD-2018-1971
Malware in sbrugna...
EUVD-2008-6624
Malware in sbrugna...
EUVD-2021-14105
Malware in sbrugna...
EUVD-2005-1231
Malware in sbrugna...
EUVD-2007-1278
Malware in sbrugna...
EUVD-2008-3360
Malware in sbrugna...
EUVD-2023-46954
Malicious code in bioql PyPI...
CVE-2023-42521
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client...
CVE-2020-25467
A null pointer dereference was discovered lzodecompressbuf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service DOS via a crafted compressed file...
[SECURITY] Fedora 41 Update: libxmp-4.6.2-3.fc41
Libxmp is a library that renders module files to PCM data. It supports over 90 mainstream and obscure module formats including Protracker MOD, Scream Tracker 3 S3M, Fast Tracker II XM, and Impulse Tracker IT. Many compressed module formats are supported, including popular Unix, DOS, and Amiga fil...
CVE-2024-12387
A vulnerability in the binary-husky/gptacademic repository, as of commit git 3890467, allows an attacker to crash the server by uploading a specially crafted zip bomb. The server decompresses the uploaded file and attempts to load it into memory, which can lead to an out-of-memory crash. This iss...
CVE-2024-12387
CVE-2024-12387 affects the binary-husky/gpt_academic repository (commit git 3890467). The issue arises from improper input validation when handling uploaded compressed files, allowing an attacker to upload a zip bomb that expands in memory and triggers a server out-of-memory crash. Multiple conne...
USN-7274-1 atril vulnerabilities
It was discovered that Atril incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service or to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2019-1010006 Andy Nguyen discovered that Atril incorrectly handled certain images...