Lucene search
K

3713 matches found

Oracle linux
Oracle linux
added 2025/04/10 12:0 a.m.16 views

delve and golang security update

delve 1.24.1-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.24.1-2 - Fix 3 test failures - Resolves: RHEL-83939 - Resolves: RHEL-83958 - Resolves: RHEL-7373 1.24.1-1 - Rebase to Delve 1.24.1 - Resolves: RHEL-64445 golang 1.23.6-2 - Fix runtime usleep issue on s390x...

7.5CVSS7.5AI score0.01127EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of the command-line tool of the Zstandard data compression library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the command-line tool of the Zstandard data compression library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS6.7AI score0.01588EPSS
Exploits0References11Affected Software3
F5 Networks
F5 Networks
added 2025/04/08 5:42 p.m.5 views

K000150761: gRPC vulnerabilities CVE-2023-32732 and CVE-2023-33953

Security Advisory Description CVE-2023-32732 gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed ...

7.5CVSS7.2AI score0.00531EPSS
Exploits0
Fedora
Fedora
added 2025/04/08 1:29 a.m.8 views

[SECURITY] Fedora 41 Update: openvpn-2.6.14-1.fc41

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

7.5CVSS6.9AI score0.00784EPSS
Exploits0
Fedora
Fedora
added 2025/04/06 1:21 a.m.14 views

[SECURITY] Fedora 41 Update: upx-5.0.0-1.fc41

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

5.5CVSS4.1AI score0.00274EPSS
Exploits1
Fedora
Fedora
added 2025/04/06 1:16 a.m.31 views

[SECURITY] Fedora 40 Update: upx-5.0.0-1.fc40

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

5.5CVSS4.1AI score0.00274EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2025/04/05 12:0 a.m.12 views

XZ Utils: Use after free

Background XZ Utils is free general-purpose data compression software with a high compression ratio. Description A use-after-free has been discovered in XZ utils. Please review the CVE identifier referenced below for details. Impact The multithreaded .xz decoder in liblzma has a bug where invalid...

8.7CVSS7.5AI score0.00618EPSS
Exploits0
NVD
NVD
added 2025/04/03 5:15 p.m.10 views

CVE-2025-31115

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

8.7CVSS0.00618EPSS
Exploits0References7
OSV
OSV
added 2025/04/03 4:57 p.m.18 views

CVE-2025-31115 XZ has a heap-use-after-free bug in threaded .xz decoder

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

8.7CVSS7.6AI score0.00618EPSS
Exploits0References8
OSV
OSV
added 2025/04/03 12:53 p.m.3 views

OESA-2025-1358 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of...

9.8CVSS7.5AI score0.00806EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/03 12:0 a.m.5 views

XZ Utils 安全漏洞

XZ Utils is an open source utility program by Tukaani. A security vulnerability exists in XZ Utils versions 5.3.3alpha through 5.8.0, which stems from a flaw in the multithreaded .xz decoder that could lead to a crash and reuse after release...

8.7CVSS7.4AI score0.00618EPSS
Exploits0References7
SUSE Linux
SUSE Linux
added 2025/04/02 2:49 p.m.1 views

Security update for ghostscript

This update for ghostscript fixes the following issues: CVE-2025-27831: Fixed text buffer overflow in DOCXWRITE TXTWRITE device via long characters to devices/vector/doccommon.c bsc1240075 CVE-2025-27832: Fixed compression buffer overflow in NPDL device for contrib/japanese/gdevnpdl.c bsc1240077...

7.1CVSS7.8AI score0.00806EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2025/03/30 1:36 p.m.20 views

CVE-2025-0986

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS6.8AI score0.0012EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/29 11:30 p.m.5 views

WordPress Smush Image Compression and Optimization plugin <= 3.17.0 - Directory Traversal vulnerability

Directory Traversal vulnerability discovered by SteveSec in WordPress Plugin Smush Image Compression and Optimization versions = 3.17.0...

4.1CVSS7AI score0.00288EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/28 2:15 p.m.7 views

CVE-2025-0986

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/28 1:21 p.m.12 views

CVE-2025-0986 IBM PowerVM Hypervisor data manipulation

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS6.7AI score0.0012EPSS
Exploits0References1
CVE
CVE
added 2025/03/28 1:21 p.m.65 views

CVE-2025-0986

CVE-2025-0986 affects IBM PowerVM Hypervisor FW1050.00–FW1050.30 and FW1060.00–FW1060.20. A local user, under certain Linux processor-compatibility mode configurations, can cause undetected data loss or errors when gzip is accelerated by hardware. IBM’s bulletin notes this is mitigated by upgradi...

4.5CVSS6.5AI score0.0012EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/28 1:21 p.m.44 views

CVE-2025-0986 IBM PowerVM Hypervisor data manipulation

IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain Linux processor combability mode configurations, to cause undetected data loss or errors when performing gzip compression using HW acceleration...

4.5CVSS0.0012EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.2 views

IBM PowerVM Hypervisor 安全漏洞

IBM PowerVM Hypervisor is an application from International Business Machines IBM, Inc. Providing a secure and scalable virtualized environment, these applications are built on the advanced RAS features and leading performance of the Power Systems platform. A security vulnerability exists in IBM...

4.5CVSS6.3AI score0.0012EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/27 9:33 p.m.8 views

Security Bulletin: This Power System update is being released to address CVE-2025-0986

Summary A Linux partition in Power10 processor compatibility mode can cause undetected data loss or error when performing gzip compression using hardware acceleration during a specific hardware state window. Vulnerability Details CVEID:CVE-2025-0986 DESCRIPTION: IBM PowerVM could allow a local...

4.5CVSS6.2AI score0.0012EPSS
Exploits0
Rows per page
Query Builder