Linux Distros Unpatched Vulnerability : CVE-2022-4104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service...

Linux Distros Unpatched Vulnerability : CVE-2021-43086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compression function of the astc-encoder project with -cl option was used, a stack-buffer-overflow...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2025-2127)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for...

PT-2025-37019

Name of the Vulnerable Software and Affected Versions: NitroPack versions up to and including 1.18.4 Description: The NitroPack plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check within the nitropack set compression ajax function...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2025-2128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

A Non-Monotonic Relationship: an Empirical Analysis of Hybrid Quantum Classifiers for Unseen Ransomware Detection

Detecting unseen ransomware is a critical cybersecurity challenge where classical machine learning often fails. While Quantum Machine Learning QML presents a potential alternative, its application is hindered by the dimensionality gap between classical data and quantum hardware. This paper...

PT-2025-44131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's crypto component related to context allocation and freeing operations within the compression framework. A discrepancy in the definition and order of...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

SMBGhost Simple scanner for CVE-2020-0796 - SMBv3 RCE. The scanner is for meant only for testing whether a server is vulnerable. It is not meant for research or development, hence the fixed payload. It checks for SMB dialect 3.1.1 and compression capability through a negotiate request. A network...

SUSE CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

zram: fix NULL pointer in comp_algorithm_show()

...

HPACK table poisoning in gRPC C++, Python & Ruby

...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +4227 more potentially affected by CVE-2025-58057 via io.netty:netty-codec-compression (>=4.2.0.Alpha3 <=4.2.4.Final)

io.netty:netty-codec-compression MAVEN version =4.2.0.Alpha3, =0.1.0, =0.1.0, =4.7.4, =4.7.4, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-58057 Source advisory: SNYK:JAVA-IONETTY-12485152...

f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic

...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +4227 more potentially affected by CVE-2025-58057 via io.netty:netty-codec-compression (>=4.2.0.Alpha3 <=4.2.4.Final)

io.netty:netty-codec-compression MAVEN version =4.2.0.Alpha3, =0.1.0, =0.1.0, =4.7.4, =4.7.4, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-58057 Source advisory: OSV:GHSA-3P8M-J85Q-PGMJ...

CVE-2025-32100

CVE-2025-32100 affects Samsung Mobile Processor, Wearable Processor, and Modem Exynos/Modem families (multiple models listed). Root cause: a buffer copy programming mistake leading to out-of-bounds writes via malformed ROHC packets. Impact per NVD metrics: Network attack vector, low attack comple...

PT-2025-35595

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980 Samsung Mobile Processor, Wearable Processor, and Modem Exynos 990 Samsung Mobile Processor, Wearable Processor, and Modem Exynos 850 Samsung Mobile Processor, Wearable...

Security Bulletin: In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body, which affects IBM watsonx.data

Summary In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests.T hese can affect watsonx.data. Vulnerability Details...

CVE-2025-9461

A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...

DEBIAN-CVE-2025-58058

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...

CVE-2025-58058

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...