3659 matches found
CVE-2020-9264
ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro macOS, Cyber Security macOS, Mobile Security for...
CVE-2020-5933
On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger a...
CVE-2020-29384
An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow...
CVE-2019-25072
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...
CVE-2018-20994
An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled...
CVE-2010-2328
The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service (NullPointerException) via a large amount of chunked data that uses gzip compression...
RHEL 9 : ghostscript (RHSA-2025:7586)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7586 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats ...
EC-LDA : Label Distribution Inference Attack against Federated Graph Learning with Embedding Compression
Graph Neural Networks (GNNs) have been widely used for graph analysis. Federated Graph Learning (FGL) is an emerging learning framework to collaboratively train graph data from various clients. However, since clients are required to upload model parameters to the server in each round, this provides t...
unbound: Unbounded name compression could lead to Denial of Service
A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...
[SECURITY] Fedora 41 Update: sfnt2woff-zopfli-1.3.1-15.fc41
This is a modified version of the sfnt2woff utility that uses Zopfli as a compression algorithm instead of zlib. This results in compression gains of, on average, 5-8% compared to regular WOFF files. Zopfli generates compressed output that is compatible with regular zlib...
[SECURITY] Fedora 42 Update: sfnt2woff-zopfli-1.3.1-15.fc42
This is a modified version of the sfnt2woff utility that uses Zopfli as a compression algorithm instead of zlib. This results in compression gains of, on average, 5-8% compared to regular WOFF files. Zopfli generates compressed output that is compatible with regular zlib...
Ghostscript: NPDL device: Compression buffer overflow
A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...
Moderate: Red Hat Security Advisory: ghostscript security update
An update for ghostscript is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Moderate: Red Hat Security Advisory: ghostscript security update
An update for ghostscript is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fro...
ALSA-2025:7586 Moderate: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832). For more details...
ALSA-2025:7593 Moderate: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832). For more details...
Important: Red Hat Security Advisory: xz security update
An update for xz is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
kernel: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails
A resource leak flaw was found in the Linux kernel's EROFS filesystem. When z_erofs_get_extent_compressedlen() fails, the corresponding meta buffer is not properly unmapped, leading to a memory leak over time...
[SECURITY] Fedora 40 Update: libxmp-4.6.2-3.fc40
Libxmp is a library that renders module files to PCM data. It supports over 90 mainstream and obscure module formats including Protracker (MOD), Scream Tracker 3 (S3M), Fast Tracker II (XM), and Impulse Tracker (IT). Many compressed module formats are supported, including popular Unix, DOS, and Amiga fil...