3649 matches found
编号撤回
LZ4 is a lossless compression algorithm open-sourced by lz4. This CVE number has been withdrawn...
CVE-2025-55081
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...
CVE-2025-55081
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...
CVE-2025-55081
CVE-2025-55081 affects Eclipse Foundation NextX Duo (ThreadX module) prior to version 6.4.4. The vulnerability is in the _nx_secure_tls_process_clienthello() function, which omits length verification for certain SSL/TLS client_hello fields (ciphersuite length and compression method length). Attac...
CVE-2025-55081 Potential out of bound read in _nx_secure_tls_process_clienthello()
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...
EUVD-2025-34608
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...
PT-2026-2504
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0 Description The Linux kernel contains a flaw within the f2fs file system related to handling compression contexts during writeback operations. A race condition can occur when a file is being fsynced, its...
GHSA-G7F3-828F-7H7M Authlib : JWE zip=DEF decompression bomb enables DoS
Summary Authlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable tokens to exhaust memory and CPU and cause denial of service. Details - Affected component...
EUVD-2025-31827
The Welcart e-Commerce plugin for WordPress is vulnerable to SQL Injection via the cookie in all versions up to, and including, 2.11.21 due to insufficient escaping on the user supplied value and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated...
Linux Distros Unpatched Vulnerability : CVE-2025-59732
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or...
EUVD-2020-23546
Malware in sbrugna...
EUVD-2014-4543
Malware in sbrugna...
EUVD-2018-0146
Malware in sbrugna...
EUVD-2008-1679
Malware in sbrugna...
EUVD-2010-1340
Malware in sbrugna...
EUVD-2011-0041
Malware in sbrugna...
EUVD-2020-27087
Malware in sbrugna...
EUVD-2017-15477
Malware in sbrugna...
EUVD-2015-8598
Malware in sbrugna...
EUVD-2018-15414
Malware in sbrugna...