PT-2024-39063

Name of the Vulnerable Software and Affected Versions: NLnet Labs Unbound versions 1.21.0 and earlier Description: The issue arises when handling replies with very large RRsets that require name compression. Malicious upstream responses with very large RRsets can cause Unbound to spend a...

Unbound -- Denial of service attack

NLnet labs report: A vulnerability has been discovered in Unbound when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to...

CVE-2024-47611

XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...

CVE-2024-47611 XZ Utils on Microsoft Windows platform are vulnerable to argument injection

XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...

PT-2024-40590 · Git +1 · Libultrahdr

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the format message function, which is called by...

Release Information for Veeam Backup for Nutanix AHV 6.1

This update has been superseded by Veeam Backup for Nutanix AHV 7.0, which was released alongside and supports only Veeam Backup & Replication 12.3. Requirements To upgrade to Veeam Backup for Nutanix AHV 6.1, download the installer below and run it on the Veeam Backup & Replication server that...

Psobf - PowerShell Obfuscator

Tool for obfuscating PowerShell scripts written in Go. The main objective of this program is to obfuscate PowerShell code to make its analysis and detection more difficult. The script offers 5 levels of obfuscation, from basic obfuscation to script fragmentation. This allows users to tailor the...

RHSA-2021:2575 Red Hat Security Advisory: lz4 security update

Bulletin has no description...

About the security content of iOS 18 and iPadOS 18

About the security content of iOS 18 and iPadOS 18 This document describes the security content of iOS 18 and iPadOS 18. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

About the security content of macOS Ventura 13.7

About the security content of macOS Ventura 13.7 This document describes the security content of macOS Ventura 13.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

About the security content of iOS 17.7 and iPadOS 17.7

About the security content of iOS 17.7 and iPadOS 17.7 This document describes the security content of iOS 17.7 and iPadOS 17.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

The vulnerability of the LZ4 data compression algorithm, which involves errors in number processing, allows a hacker to cause a service failure.

The vulnerability of the lossless LZ4 data compression algorithm is related to errors in number processing. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend

A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent...

SUSE-SU-2024:3144-1 Security update for hdf5, netcdf, trilinos

This update for hdf5, netcdf, trilinos fixes the following issues: hdf5 was updated from version 1.10.8 to 1.10.11: - Security issues fixed: CVE-2019-8396: Fixed problems with malformed HDF5 files where content does not match expected size. bsc1125882 CVE-2018-11202: Fixed that a malformed file...

podman security update

4.9.4-10.0.1 - Fixes issue of podman execvp error while using podmansh Orabug: 36073625 - Improved saving remote build context to tarfile in Podman daemon Orabug: 36495655 - Add devices on container startup, not on creation - Backport fast gzip for compression Orabug: 36420418 - overlay: Put shou...

DEBIAN-CVE-2024-43895

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

WordPress ImageRecycle pdf & image compression plugin <= 3.1.14 - Cross-Site Request Forgery in Several AJAX Actions vulnerability

Cross-Site Request Forgery in Several AJAX Actions vulnerability discovered by Lucio Sá in WordPress Plugin ImageRecycle pdf & image compression versions = 3.1.14...

WordPress ImageRecycle pdf & image compression plugin <= 3.1.14 - Missing Authorization in Several AJAX Actions vulnerability

Missing Authorization in Several AJAX Actions vulnerability discovered by Lucio Sá in WordPress Plugin ImageRecycle pdf & image compression versions = 3.1.14...

CVE-2024-6631

CVE-2024-6631 affects the ImageRecycle pdf & image compression WordPress plugin (versions

WordPress plugin ImageRecycle pdf & image compression 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...