Rocket Compression is vulnerable to dll hijacking

Wuhan Xiaomi Network Technology Co., Ltd. business scope includes: computer software and hardware research, development, technical consulting, technical services; network engineering design and installation; computers and accessories, electronic products excluding electronic publications and so o...

Fluent Bit Buffer Overflow Vulnerability

Fluent Bit is an open source log processing and analysis system written in C. A buffer overflow vulnerability exists in Fluent Bit version 1.6.4, which stems from the fact that flbgzipcompress in flbgzip.c has an out-of-bounds write operation because it fails to use the correct calculation of the...

CVE-2020-35963

flbgzipcompress in flbgzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion...

Fluent Bit 缓冲区错误漏洞

Fluent Bit is an open source log processing and analysis system written in C. A buffer overflow vulnerability exists in Fluent Bit version 1.6.4, which stems from the fact that flbgzipcompress in flbgzip.c has an out-of-bounds write operation because it fails to use the correct calculation of the...

OPENSUSE-SU-2020:2337-1 Security update for blosc

This update for blosc fixes the following issues: Update to version 1.20.1 boo1179914 CVE-2020-29367: More saftey checks have been implemented so that potential flaws discovered by new fuzzers in OSS-Fuzzer are fixed now BloscLZ updated to 2.3.0. Expect better compression ratios for faster codecs...

CVE-2020-29385

GNOME gdk-pixbuf aka GdkPixbuf before 2.42.2 allows a denial of service infinite loop in lzw.c in the function writeindexes. if c-selfcode equals 10, self-codetable10.extends will assign the value 11 to c. The next execution in the loop will assign self-codetable11.extends to c, which will give t...

CVE-2020-29385

GNOME gdk-pixbuf aka GdkPixbuf before 2.42.2 allows a denial of service infinite loop in lzw.c in the function writeindexes. if c-selfcode equals 10, self-codetable10.extends will assign the value 11 to c. The next execution in the loop will assign self-codetable11.extends to c, which will give t...

CVE-2020-29385

GNOME gdk-pixbuf aka GdkPixbuf before 2.42.2 allows a denial of service infinite loop in lzw.c in the function writeindexes. if c-selfcode equals 10, self-codetable10.extends will assign the value 11 to c. The next execution in the loop will assign self-codetable11.extends to c, which will give t...

go-toolset:ol8 security update

delve 1.4.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.4.1-1 - Rebase to 1.4.1 - Resolves: rhbz1821281 - Related: rhbz1820596 1.4.0-2 - Change i686 to a better macro - Related: rhbz1820596 1.4.0-1 - Rebase to 1.4.0 - Remove Patch1781 - Related: rhbz1820596 1.3.2-3 -...

netty: compression/decompression codecs don't enforce limits on buffer allocation sizes

A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error OOME or exhaustion of the memory pool...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0091)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libxml2 packages installed that are affected by multiple vulnerabilities: - Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of...

CVE-2020-29385

GNOME gdk-pixbuf aka GdkPixbuf before 2.42.2 allows a denial of service infinite loop in lzw.c in the function writeindexes. if c-selfcode equals 10, self-codetable10.extends will assign the value 11 to c. The next execution in the loop will assign self-codetable11.extends to c, which will give t...

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated USA. It is a way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc. and is often fabricated on the surface of semiconductor wafers. A buffer error vulnerability exists in several Qualcomm products, which...

Denial Of Service (DoS)

openexr is vulnerable to denial of service DoS. The vulnerability exists in the DwaCompressor::uncompress in ImfDwaCompressor.cpp due to the out-of-bounds read and write when handling the UNKNOWN compression, allowing an attacker to crash the application...

Buffer Overflow

Buffer overflow in the listfiles function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service crash via vectors related to the compression method...

Understanding Emerging Video Formats

In my previous post, we discussed two new image formats: High-Efficiency Image File HEIF and AV1 Image File AVIF. In this article, we'll take a closer look at two emerging video formats built on the same foundations. Akamai Image & Video Manager IVM already supports the key video codecs H.264,...

Understanding New Image Formats

Akamai Image & Video Manager IVM already supports key modern image types, such as WebP, JPEG 2000, and JPEG XR, but the imaging industry is always evolving and raising the bar on the balance of compression and quality. In addition, creative and development teams are regularly asking about new...

Integer overflow

An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow...

CVE-2020-29367

CVE-2020-29367 affects Blosc C-Blosc2 (Blosc devel up to version 2.0.0.beta.5). A heap-based buffer overflow occurs when there is insufficient space to write compressed data, potentially impacting programs that rely on Blosc for compression. The vulnerability is described with a high impact on co...

Pixar OpenUSD Binary File Format Token Strings Information Leak Vulnerability

Summary A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This...