Lucene search
+L

101 matches found

osv
osv
added 2026/01/21 9:4 a.m.13 views

RLSA-2026:0752 Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

7.5CVSS5.6AI score0.00562EPSS
Exploits0References2
oraclelinux
oraclelinux
added 2026/01/19 12:0 a.m.9 views

jmc security update

8.2.0-4 - Bump LZ4 Version to 1.10.2. Related: RHEL-135478...

8.2CVSS5.5AI score0.00562EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/01/03 12:0 a.m.4 views

PT-2026-2158

Name of the Vulnerable Software and Affected Versions zlib versions up to and including 1.3.1.2 Description zlib versions up to and including 1.3.1.2 contain a global buffer overflow in the untgz utility. The TGZfname function uses an unbounded strcpy call to copy an attacker-supplied archive nam...

10CVSS7.3AI score0.00381EPSS
Exploits0References35
cve
cve
added 2025/10/23 12:0 a.m.3594 views

CVE-2025-62813

CVE-2025-62813 corresponds to a vulnerability in LZ4 processing of untrusted frames (CVE-2025-62813) that can cause a denial of service or other unspecified impact. Connected advisories show affected packages across Linux distributions: LZ4 (versions less than 1.9.4-2 on Amazon Linux 2/ALAS2 and ...

6.9AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2004-0795

Malware in sbrugna...

2.1CVSS8.9AI score0.00476EPSS
Exploits0References22
osv
osv
added 2025/09/24 1:30 p.m.12 views

USN-7770-1 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

7.8CVSS6.6AI score0.01345EPSS
Exploits8References185
osv
osv
added 2025/08/28 7:50 p.m.10 views

USN-7704-5 linux-gke, linux-kvm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS6.7AI score0.00205EPSS
Exploits0References22
nessus
nessus
added 2025/08/22 12:0 a.m.2 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.2)

The version of AHV installed on the remote host is prior to 10.0.1.2 / AHV-10.0.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.2 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging...

8.8CVSS7AI score0.26049EPSS
Exploits6References12
ubuntu
ubuntu
added 2025/08/21 8:29 p.m.9 views

USN-7704-4: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS7.3AI score0.00205EPSS
Exploits0
osv
osv
added 2025/08/20 12:0 a.m.10 views

USN-7704-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle-5.15, linux-realtime, linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...

7.8CVSS6.7AI score0.00205EPSS
Exploits0References22
nessus
nessus
added 2025/08/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-57923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length...

5.5CVSS6AI score0.00209EPSS
Exploits0References2
suse
suse
added 2025/07/28 2:7 p.m.3 views

Security update for boost

This update for boost fixes the following issues: CVE-2016-9840: Fixed out-of-bounds pointer arithmetic in zlib in beast bsc1245936 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

8.8CVSS7AI score0.04793EPSS
Exploits0References4
fedora
fedora
added 2025/04/11 1:53 a.m.10 views

[SECURITY] Fedora 40 Update: openvpn-2.6.14-1.fc40

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS7.6AI score0.00815EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2025/04/09 12:0 a.m.10 views

The vulnerability of the command-line tool of the Zstandard data compression library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the command-line tool of the Zstandard data compression library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.01588EPSS
Exploits0References11Affected Software3
fedora
fedora
added 2025/04/08 1:29 a.m.9 views

[SECURITY] Fedora 41 Update: openvpn-2.6.14-1.fc41

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS6.9AI score0.00815EPSS
Exploits0
nvd
nvd
added 2025/04/03 5:15 p.m.11 views

CVE-2025-31115

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

8.7CVSS0.00647EPSS
Exploits0References7
mscve
mscve
added 2025/03/14 7:0 a.m.5 views

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic

...

9.8CVSS7.1AI score0.0755EPSS
Exploits0
mscve
mscve
added 2025/03/14 7:0 a.m.6 views

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic

...

8.8CVSS7.3AI score0.04793EPSS
Exploits0
fedora
fedora
added 2024/10/12 1:52 a.m.9 views

[SECURITY] Fedora 39 Update: rust-libcramjam0.2-0.2.0-7.fc39

Compression library combining a plethora of algorithms in a similar as possible API...

7.3AI score
Exploits0
redhatcve
redhatcve
added 2024/06/05 1:33 p.m.36 views

CVE-2024-36124

A flaw was found in the iq80 Snappy compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed, and thi...

5.3CVSS5.4AI score0.00487EPSS
Exploits0References4
Rows per page
Query Builder