CVE-2026-45843

CVE-2026-45843 affects the Linux kernel’s SLIP/VJ-compressed TCP header handling (slip and slhc_uncompress). The vulnerability stems from decode() and pull16() not enforcing bounds against the packet end, and decode() masking its return value to 0xFFFF, causing potential over-reads when a compres...

EUVD-2013-4298

Malicious code in bioql PyPI...

GlobalSCAPE EFT Recursive Deflate Stream DoS (CVE-2023-2990)

The version of GlobalSCAPE EFT installed on the remote host is 8.0.x prior to 8.0.0.38. A denial of service DoS vulnerability exists due to improper handling of a recursively compressed packet. An unauthenticated, remote attacker can exploit this issue, via specially crafted packeet, to cause the...

SUSE CVE-2005-0037

The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop...

SUSE CVE-2013-4402

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message...

Slackware: Security Advisory (SSA:2013-287-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-19562

An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background Program Upgrade Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive...

GnuPG: Denial of service

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description GnuPG does not properly handle a specially crated compressed packet resulting in an infinite loop. Impact A context-dependent attacker can cause a Denial of Service. Workaround...

openSUSE Security Update : gpg2 (openSUSE-SU-2013:1546-1)

gpg2 was updated to fix a denial of service attack through infinite recursion in the compressed packet parser bnc844175 CVE-2013-4402. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

DEBIAN-CVE-2013-4402

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message...

CVE-2013-4421

The bufdecompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service memory consumption via a compressed packet that has a large size when it is decompressed...

Code injection

The bufdecompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service memory consumption via a compressed packet that has a large size when it is decompressed...

Oracle Linux 5 : gnupg (ELSA-2013-1458)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2013-1458 advisory. - fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted - fix CVE-2012-6085 GnuPG: readblock corrupt key input validation - fix...

GnuPG: infinite recursion in the compressed packet parser DoS

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message...

GnuPG: infinite recursion in the compressed packet parser DoS

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message...

Debian DSA-2774-1 : gnupg2 - several vulnerabilities

Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4351 When a key or subkey had its 'key flags' subpacket set to all bits off, GnuPG currently would treat t...

Debian DSA-2773-1 : gnupg - several vulnerabilities

Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4351 When a key or subkey had its 'key flags' subpacket set to all bits off, GnuPG currently would treat the...

Debian Security Advisory DSA 2774-1 (gnupg2 - several vulnerabilities)

Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4351When a key or subkey had its key flags subpacket set to all bits off, GnuPG currently would treat the key...

Debian: Security Advisory (DSA-2773-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-4402

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message...