PT-2025-26337 · Unknown · Zara 4 Image Compression

Name of the Vulnerable Software and Affected Versions: Zara 4 Image Compression versions 1.2.17.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions...

WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Mika in WordPress Plugin Zara 4 Image Compression versions = 1.2.17.2...

SUSE CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

DEBIAN-CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

UBUNTU-CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068 crypto: lzo - Fix compression buffer overrun

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...

CVE-2025-38068 crypto: lzo - Fix compression buffer overrun

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from crypto/lzo not checking for buffer overflows during compression...

Astra Linux – Vulnerability in unbound

Unbound versions up to and including 1.21.0 contain a vulnerability when handling replies with very large RRsets that it needs to perform name compression on. Malicious upstream responses with very large RRsets can cause Unbound to spend considerable time applying name compression to downstream...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo – Fix for compression buffer overflows Unlike the decompression code, the compression code in LZO never checked for output overflows. Instead, it assumes that the caller always provides sufficient buffer space, withou...

NewStart CGSL MAIN 7.02 : unbound Vulnerability (NS-SA-2025-0089)

The remote NewStart CGSL host, running version MAIN 7.02, has unbound packages installed that are affected by a vulnerability: - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression fo...

The vulnerability of the LZ4_decompress_generic() function in the lib/lz4/lz4_decompress.c file, which is part of the lz4 compression module for Linux kernel, allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LZ4decompressgeneric function in the lib/lz4/lz4decompress.c module relates to the reutilization of previously freed memory in Linux kernel-based compression algorithms. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...

CVE-2025-30932

Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through = 6.30.32...

RHEL 10 : ghostscript (RHSA-2025:7593)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7593 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats...

go-toolset:ol8 security update

delve 1.24.1-1.0.1 - Disable DWARF compression which has issues Alex Burmashev golang 1.23.9-1 - Update to Go 1.23.9 - Resolves: RHEL-94636 go-toolset 1.23.9-1 - Update to Go 1.23.9 - Resolves: RHEL-94636...

QA-HFL: Quality-Aware Hierarchical Federated Learning for Resource-Constrained Mobile Devices with Heterogeneous Image Quality

This paper introduces QA-HFL, a quality-aware hierarchical federated learning framework that efficiently handles heterogeneous image quality across resource-constrained mobile devices. Our approach trains specialized local models for different image quality levels and aggregates their features...

ghostscript security update

9.27-17 - RHEL-88965 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow...