24 matches found
CVE-2026-48594
The CVE-2026-48594 issue affects elixir-tesla/tesla: when Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression is used, HTTP responses are decompressed eagerly without a size cap. The decompress_body/2 path passes the full body to :zlib.gunzip/1 or :zlib.unzip/1, and compression_al...
SUSE-SU-2026:21382-1 Security update for python-Pillow
This update for python-Pillow fixes the following issue: - CVE-2026-40192: Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks (bsc#1262184)...
TencentOS Server 4: lz4 (TSSA-2025:0847)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0847 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2024-23852
Malicious code in bioql PyPI...
SUSE-SU-2025:20047-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326). - CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255...
PT-2023-28244 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...
speex security update
An update is available for speex. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Speex is a patent-free compression format designed especially for speech. It is...
ALSA-2022:8139 Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wavpack: Heap out-of-bounds read in WavpackPackSamples (CVE-2021-44269). For more details about the security issues, including the impact, a CVSS score,...
Fedora: Security Advisory for golang-github-snappy (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the ...
ulikunitz/xz: Infinite loop in readUvarint allows for denial of service
A flaw was found in github.com/ulikunitz/xz. The function readUvarint may not terminate a loop, which could lead to denial of service (DoS)...
[SECURITY] Fedora 32 Update: wavpack-5.4.0-1.fc32
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
[SECURITY] Fedora 30 Update: wavpack-5.1.0-16.fc30
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure Vulnerability
Exploit for hardware platform in category web applications BEWARD N100 H.264 VGA IP Camera M2.1.6 Unauthenticated RTSP Stream Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for ...
DEBIAN-CVE-2018-11230
jbig2addpage in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file...
The vulnerabilities of programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat allow attackers to execute arbitrary code.
The vulnerability of JPEG 2000 components in programs for viewing and editing PDF files, such as Adobe Reader, Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, and Adobe Acrobat, arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow a...
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : tiff vulnerabilities (USN-1631-1)
It was discovered that LibTIFF incorrectly handled certain malformed images using the PixarLog compression format. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly...
Heap overflow
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...
CVE-2012-4447
CVE-2012-4447 : A heap-based buffer overflow in tif_pixarlog.c of LibTIFF allows remote attackers to crash the application and potentially execute code via a crafted TIFF image using PixarLog Compression. Affected software: LibTIFF up to version 4.0.3 (inclusive). Impact, per sources: denial of s...
CVE-2012-1461
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus...
Mandriva Update for clamav MDVSA-2010:082 (clamav)
Check for the Version of clamav