23 matches found
CVE-2026-48594
The CVE-2026-48594 issue affects elixir-tesla/tesla: when Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression is used, HTTP responses are decompressed eagerly without a size cap. The decompress_body/2 path passes the full body to :zlib.gunzip/1 or :zlib.unzip/1, and compression_al...
SUSE-SU-2026:21382-1 Security update for python-Pillow
This update for python-Pillow fixes the following issue: - CVE-2026-40192: Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks (bsc#1262184)...
TencentOS Server 4: lz4 (TSSA-2025:0847)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0847 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2024-23852
Malicious code in bioql PyPI...
SUSE-SU-2025:20047-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326). - CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255...
PT-2023-28244 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...
speex security update
An update is available for speex. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Speex is a patent-free compression format designed especially for speech. It is...
ALSA-2022:8139 Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wavpack: Heap out-of-bounds read in WavpackPackSamples (CVE-2021-44269). For more details about the security issues, including the impact, a CVSS score,...
Fedora: Security Advisory for golang-github-snappy (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the...
ulikunitz/xz: Infinite loop in readUvarint allows for denial of service
A flaw was found in github.com/ulikunitz/xz. The function readUvarint may not terminate a loop, which could lead to denial of service (DoS)...
[SECURITY] Fedora 32 Update: wavpack-5.4.0-1.fc32
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
[SECURITY] Fedora 30 Update: wavpack-5.1.0-16.fc30
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Although the technology is loosely based on previous versions of WavPack, the new version 4 format has been designed from the ground up to offer unparalleled...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure Vulnerability
Exploit for hardware platform in category web applications BEWARD N100 H.264 VGA IP Camera M2.1.6 Unauthenticated RTSP Stream Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for ...
DEBIAN-CVE-2018-11230
jbig2addpage in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file...
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : tiff vulnerabilities (USN-1631-1)
It was discovered that LibTIFF incorrectly handled certain malformed images using the PixarLog compression format. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly...
Heap overflow
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format...
CVE-2012-4447
CVE-2012-4447 : A heap-based buffer overflow in tif_pixarlog.c of LibTIFF allows remote attackers to crash the application and potentially execute code via a crafted TIFF image using PixarLog Compression. Affected software: LibTIFF up to version 4.0.3 (inclusive). Impact, per sources: denial of s...
CVE-2012-1461
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus...
Mandriva Update for clamav MDVSA-2010:082 (clamav)
Check for the Version of clamav...
RedHat Update for speex RHSA-2008:0235-01
Check for the Version of speex...