Linux Distros Unpatched Vulnerability : CVE-2025-66566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java- based decompressor implementations in lz4-java 1.10.0 and...

CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

UBUNTU-CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

go-toolset:rhel8 security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-121223 golang 1.25.3-1 - Update to Go 1.25.3 sync from CentOS Stream 9 - Build go-toolset as a subpackage - Preserve GOAMD64=v1 for RHEL 8 -...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly cleaning up the IPcomp tunnel state, which could lead to a memory leak...

Oracle Linux 10 : delve / and / golang (ELSA-2025-21816)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21816 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update Delve to 1.25.2 1.24.1-3 - Update CI support golang 1.25.3-1 ...

[SECURITY] Fedora 43 Update: libpng-1.6.51-1.fc43

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

[SECURITY] Fedora 43 Update: 7zip-25.01-1.fc43

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

delve and golang security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 - Resolves: RHEL-111801 golang 1.25.3-1 - Update to Go 1.25.3 - Resolves: RHEL-121220 1.25.1-1 - Update to Go 1.25.1 - Resolves: RHEL-116850 1.25.0-2 - Revert DWARF5 defaults - Add elf...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

RHEL 9 : ghostscript (RHSA-2025:21915)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21915 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats...

TencentOS Server 3: ghostscript (TSSA-2025:0453)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0453 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: unbound (TSSA-2025:0633)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0633 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

GO-2025-4123 Denial-of-Service (DoS) via crafted JSON Web Encryption (JWE) token high compression ratio in github.com/dvsekhvalnov/jose2go

Denial-of-Service DoS via crafted JSON Web Encryption JWE token high compression ratio in github.com/dvsekhvalnov/jose2go...

CVE-2025-63811

A flaw was found in jose2go. This vulnerability allows an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

CVE-2025-63916

MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF compression tool. The application fails to properly sanitize user-supplied file paths before passing them to cmd.exe, allowing attackers to execute arbitrary system commands with the privileges of the user...

CVE-2025-63916

MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF compression tool. The application fails to properly sanitize user-supplied file paths before passing them to cmd.exe, allowing attackers to execute arbitrary system commands with the privileges of the user...

GHSA-9MJ6-HXHV-W67J jose2go is vulnerable to a JWT bomb attack through its decode function

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

CVE-2025-63811

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...