
3659 matches found

Tenable Nessus
added 2025/06/03 12:0 a.m. · 5 views

RHEL 8 : ghostscript (RHSA-2025:8421)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8421 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats ...

9.8 CVSS · 7.4 AI score · 0.00775 EPSS
Exploits: 0 · References: 5

AlmaLinux
added 2025/06/03 12:0 a.m. · 2 views

Moderate: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832). For more details...

9.8 CVSS · 8.1 AI score · 0.00775 EPSS
Exploits: 0 · References: 4

OSV
added 2025/06/02 6:15 a.m. · 3 views

CVE-2025-3951

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...

4.1 CVSS · 5.8 AI score · 0.0027 EPSS
Exploits: 1 · References: 1

Vulnrichment
added 2025/06/02 6:0 a.m. · 6 views

CVE-2025-3951 WP-Optimize < 4.2.0 - Admin+ SQLi

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...

5.1 AI score · 0.0027 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2025/06/02 12:0 a.m. · 3 views

PT-2025-23469 · WordPress · Wp-Optimize

Name of the Vulnerable Software and Affected Versions: WP-Optimize versions prior to 4.2.0. Description: The issue arises from improper escaping of user input when checking image compression statuses. This could allow users with the administrator role to conduct SQL Injection attacks, particularly...

4.1 CVSS · 6 AI score · 0.0027 EPSS
Exploits: 1 · References: 7

Packet Storm News
added 2025/06/01 12:0 a.m. · 5 views

SpeechVerifier: Robust Acoustic Fingerprint against Tampering Attacks Via Watermarking

With the surge of social media, maliciously tampered public speeches, especially those from influential figures, have seriously affected social stability and public trust. Existing speech tampering detection methods remain insufficient: they either rely on external reference data or fail to be bo...

6.8 AI score
Exploits: 0

RedHat Linux
added 2025/05/27 11:49 a.m. · 3 views

unbound: Unbounded name compression could lead to Denial of Service

A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...

5.3 CVSS · 7.2 AI score · 0.00806 EPSS
Exploits: 0 · References: 5

OSV
added 2025/05/27 8:57 a.m. · 3 views

SUSE-SU-2025:20359-1 Security update for unbound

This update for unbound fixes the following issues: Update to 1.22.0: - CVE-2024-8508: Fixed unbounded name compression that could have led to a denial of service bsc1231284...

5.3 CVSS · 7.4 AI score · 0.00806 EPSS
Exploits: 0 · References: 3

SUSE Linux
added 2025/05/27 8:56 a.m. · 2 views

Security update for unbound

This update for unbound fixes the following issues: Update to 1.22.0: CVE-2024-8508: Fixed unbounded name compression that could have led to a denial of service bsc1231284. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

6.9 CVSS · 7.2 AI score · 0.00806 EPSS
Exploits: 0 · References: 4

Oracle linux
added 2025/05/27 12:0 a.m. · 9 views

unbound security update

1.16.2-18 - Prevent unbounded name compression CVE-2024-8508...

5.3 CVSS · 7 AI score · 0.00806 EPSS
Exploits: 0

RedhatCVE
added 2025/05/23 7:23 a.m. · 4 views

CVE-2024-26590

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initialization. However,...

5.5 CVSS · 6.6 AI score · 0.00222 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 5:36 a.m. · 5 views

CVE-2023-44216

PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...

5.3 CVSS · 6.9 AI score · 0.01809 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/05/23 5:18 a.m. · 4 views

CVE-2023-30494

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.10 versions...

7.1 CVSS · 5.8 AI score · 0.00331 EPSS
Exploits: 0 · References: 1

Citrix
added 2025/05/23 12:0 a.m. · 13 views

Profile Management VHDX auto expansion doesn't work CompactVHDIterations set to 1

Citrix profile Manager is configured with profile containers with the entire profile contained in the container. Profile container auto-expansion is enabled. Profile container VHD compression is also enabled. The number of logoffs to trigger VHD disk compaction is configured to 1. Under the above...

7 AI score
Exploits: 0

RedhatCVE
added 2025/05/22 6:52 p.m. · 11 views

CVE-2021-43304

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend, don’t exceed the destination buffer’s limits...

8.8 CVSS · 7.1 AI score · 0.01646 EPSS
Exploits: 1

RedhatCVE
added 2025/05/22 6:51 p.m. · 4 views

CVE-2021-42389

Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

6.5 CVSS · 7.2 AI score · 0.01239 EPSS
Exploits: 1

RedhatCVE
added 2025/05/22 6:51 p.m. · 6 views

CVE-2021-42388

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

8.1 CVSS · 6.7 AI score · 0.01549 EPSS
Exploits: 1

RedhatCVE
added 2025/05/22 6:50 p.m. · 12 views

CVE-2021-43305

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend, don’t exceed the destination buffer’s limits. This issu...

8.8 CVSS · 6.9 AI score · 0.01646 EPSS
Exploits: 2

RedhatCVE
added 2025/05/22 6:47 p.m. · 7 views

CVE-2021-42387

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

8.1 CVSS · 6.7 AI score · 0.01549 EPSS
Exploits: 1

RedhatCVE
added 2025/05/22 5:25 p.m. · 2 views

CVE-2020-11166

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice ...

9.1 CVSS · 9.3 AI score · 0.00918 EPSS
Exploits: 0 · References: 1