
3669 matches found

BDU FSTEC
added 2021/06/15 12:0 a.m. | 5 views

The vulnerability of the Python commonutils.py module, a set of tools for automating function design, neural architecture search, hyperparameter tuning, and model compression of Neural Network Intelligence (NNI), allows attackers to execute arbitrary code.

The vulnerability of the Python commonUtils.py module, a set of tools for automating function design, neural network architecture search, hyperparameter tuning, and Neural Network Intelligence NNI model compression, is related to improper code generation. Exploiting this vulnerability allows an...

CVSS 9 | AI score 7.5 | EPSS 0.02482
Exploits 0 | References 7

Gitee
added 2021/06/13 8:51 p.m. | 6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This is a PoC exploit for CVE-2020-0796, a SMBv3 RCE vulnerability. The scanner is designed to test whether a server is vulnerable to this exploit. It checks for SMB dialect 3.1.1 and compression capability through a negotiate request. The scanner sends a specially crafted SMB packet to the targe...

CVSS 10 | AI score 9 | EPSS 0.9981
Exploits 124

Jake Archibald's Blog
added 2021/06/11 1:0 a.m. | 181 views

Halve the size of images by optimising for high density displays

A long time ago we had monitors of varying resolutions, but once we started to go beyond 1024x768, screens started to get bigger as resolution got bigger. Then full-colour web-capable mobile phones arrived, but the story was the same. They had small screens, but also small resolutions. Then in 20...

AI score 6.7
Exploits 0

CNVD
added 2021/06/11 12:0 a.m. | 5 views

Irzip Reuse After Release Vulnerability

Irzip is a compression utility that excels at compressing large files. A post-release reuse vulnerability exists in the lzmadecompressbuf function in stream.c in Irzip version 0.631, which can be exploited by an attacker to cause a denial of service via specially crafted compressed files...

CVSS 5.5 | AI score 6.4 | EPSS 0.00716
Exploits 1 | References 1

OSV
added 2021/06/08 11:31 p.m. | 31 views

RLSA-2021:2354 Important: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...

CVSS 9.8 | AI score 8.2 | EPSS 0.02662
Exploits 0 | References 4

AlmaLinux
added 2021/06/08 11:31 p.m. | 92 views

Important: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...

CVSS 7.5 | AI score 2.5 | EPSS 0.02662
Exploits 0 | References 3

Rockylinux
added 2021/06/08 11:31 p.m. | 45 views

libwebp security update

An update is available for libwebp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libwebp packages provide a library and tools for the WebP graphics format...

CVSS 9.8 | AI score 9.7 | EPSS 0.02662
Exploits 0

Ubuntu
added 2021/05/31 12:8 p.m. | 158 views

USN-4968-2: LZ4 vulnerability

USN-4968-1 fixed a vulnerability in LZ4. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a...

CVSS 9.8 | AI score 7.4 | EPSS 0.03216
Exploits 0

OSV
added 2021/05/31 12:8 p.m. | 2 views

USN-4968-2 lz4 vulnerability

USN-4968-1 fixed a vulnerability in LZ4. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a...

CVSS 9.8 | AI score 6.9 | EPSS 0.03216
Exploits 0 | References 2

Fedora
added 2021/05/27 1:5 a.m. | 25 views

[SECURITY] Fedora 33 Update: upx-3.96-9.fc33

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

CVSS 5.8 | AI score 4.8 | EPSS 0.01076
Exploits 1

Fedora
added 2021/05/27 12:32 a.m. | 32 views

[SECURITY] Fedora 34 Update: upx-3.96-9.fc34

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

CVSS 5.8 | AI score 4.8 | EPSS 0.01076
Exploits 1

OpenVAS
added 2021/05/27 12:0 a.m. | 16 views

Fedora: Security Advisory for upx (FEDORA-2021-737766a313)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.1 | AI score 7 | EPSS 0.01076
Exploits 1 | References 2

OpenVAS
added 2021/05/27 12:0 a.m. | 25 views

Fedora: Security Advisory for upx (FEDORA-2021-ceb9db8de0)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.1 | AI score 7 | EPSS 0.01076
Exploits 1 | References 2

BDU FSTEC
added 2021/05/26 12:0 a.m. | 3 views

The vulnerability of TTC and JPEG2000 parsers in VMware Workstation and the Horizon Client for Windows virtualization client software, related to information disclosure, allows attackers to gain unauthorized access to protected information.

The vulnerability of the TTC and JPEG2000 parsers in VMware Workstation’s hypervisor and VMware Horizon Client for Windows’ virtualization client systems is related to information disclosure. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 4.5 | AI score 6.5 | EPSS 0.00453
Exploits 0 | References 2 | Affected Software 2

OSV
added 2021/05/25 6:39 p.m. | 31 views

GHSA-25XM-HR59-7C27 github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)

Impact xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicious input. Patches The problem has been fixed in release v0.5.8. Workarounds Limit the size ...

CVSS 7.5 | AI score 7.7 | EPSS 0.01438
Exploits 0 | References 5

Github Security Blog
added 2021/05/25 6:39 p.m. | 49 views

github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)

Impact xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicious input. Patches The problem has been fixed in release v0.5.8. Workarounds Limit the size ...

CVSS 7.5 | AI score 7.6 | EPSS 0.01438
Exploits 0 | References 6 | Affected Software 1

Metasploit
added 2021/05/21 5:43 p.m. | 452 views

SMBv3 Compression Buffer Overflow

A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This remote exploit implementation leverages this flaw to execute code in the context of the kernel, finally yielding a session as NT AUTHORITY\SYSTE...

CVSS 10 | AI score 8.9 | EPSS 0.9981
Exploits 124

Debian
added 2021/05/21 12:51 p.m. | 131 views

[SECURITY] [DSA 4919-1] lz4 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4919-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 21, 2021 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 9.8 | EPSS 0.03216
Exploits 0

Tenable Nessus
added 2021/05/19 12:0 a.m. | 33 views

RHEL 8 : brotli (RHSA-2021:1702)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1702 advisory. Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffma...

CVSS 6.5 | AI score 7.3 | EPSS 0.03243
Exploits 0 | References 6

Rockylinux
added 2021/05/18 5:9 p.m. | 12 views

corosync bug fix and enhancement update

An update is available for corosync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The corosync packages provide the Corosync Cluster Engine and C APIs for Roc...

AI score 2
Exploits 0