[SECURITY] Fedora 26 Update: borgbackup-1.1.3-1.fc26

BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

[SECURITY] Fedora 27 Update: borgbackup-1.1.3-1.fc27

BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...

DEBIAN-CVE-2016-1253

The most package in Debian wheezy before 5.0.0a-2.2, in Debian jessie before 5.0.0a-2.3+deb8u1, and in Debian unstable before 5.0.0a-3 allows remote attackers to execute arbitrary commands via shell metacharacters in the name of an LZMA-compressed file...

Vulnerability Walkthrough: 7zip CVE-2016-2334 HFS+ Code Execution Vulnerability

This blog post was authored by Marcin Noga of Cisco Talos.IntroductionIn 2016 Talos released an advisory for CVE-2016-2334, which was a remote code execution vulnerability affecting certain versions of 7zip, a popular compression utility. In this blog post we will walk through the process of...

[SECURITY] Fedora 25 Update: jbig2dec-0.14-1.fc25

jbig2dec is a decoder implementation of the JBIG2 image compression format. JBIG2 is designed for lossy or lossless encoding of 'bilevel' 1-bit monochrome images at moderately high resolution, and in particular scanned paper documents. In this domain it is very efficient, offering compression...

[SECURITY] Fedora 26 Update: jbig2dec-0.14-1.fc26

jbig2dec is a decoder implementation of the JBIG2 image compression format. JBIG2 is designed for lossy or lossless encoding of 'bilevel' 1-bit monochrome images at moderately high resolution, and in particular scanned paper documents. In this domain it is very efficient, offering compression...

KMPlayer 4.2.2.4 - Denial of Service

KMPlayer 4.2.2.4 - Denial of Service ! /usr/bin/perl Exploit Title: KMPlayer .nsv Denial of Service Date: 2017-11-22 Exploit Author: R.Yavari Version: v4.2.2.4 Tested on: Windows 10 , Windows 7 other version should be affected NSV is Streaming video container format developed by Nullsoft; used fo...

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

Out-of-bounds

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

CVE-2017-16840 affects FFmpeg 3.0 and 3.4, where the VC-2 video encoder (libavcodec/vc2enc.c and vc2enc_dwt.c) allows a remote attacker to trigger a denial of service via an out-of-bounds read caused by incorrect buffer padding for non-Haar wavelets. The issue has been fixed in FFmpeg 3.4.x relea...

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

FFmpeg Denial of Service Vulnerability (CNVD-2017-37755)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team.VC-2 Video Compression encoder is one of the video compression encoders. A security vulnerability exists in the VC-2 Video Compression encoder in FFmpeg version 3.4. A remote attacker can...

[SECURITY] Fedora 27 Update: jbig2dec-0.14-1.fc27

jbig2dec is a decoder implementation of the JBIG2 image compression format. JBIG2 is designed for lossy or lossless encoding of 'bilevel' 1-bit monochrome images at moderately high resolution, and in particular scanned paper documents. In this domain it is very efficient, offering compression...

SSH Compression Error Checking

The remote host supports algorithms that can use compression. But when ssh attempts to use compression for that communication, the connections do not succeed. TRUSTED...

Debian DSA-4013-1 : openjpeg2 - security update

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...

[SECURITY] Fedora 25 Update: openvpn-2.4.4-1.fc25

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

CVE-2017-15535

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...

Design/Logic Flaw

MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors aka wire protocol compression, which exposes a vulnerability when enabled that could be exploited by a malicious attacker to deny service or modify memory...