Lucene search
K

3715 matches found

RedHat Linux
RedHat Linux
added 2025/05/27 11:49 a.m.5 views

unbound: Unbounded name compression could lead to Denial of Service

A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...

5.3CVSS7.2AI score0.00806EPSS
Exploits0References5
OSV
OSV
added 2025/05/27 8:57 a.m.4 views

SUSE-SU-2025:20359-1 Security update for unbound

This update for unbound fixes the following issues: Update to 1.22.0: - CVE-2024-8508: Fixed unbounded name compression that could have led to a denial of service bsc1231284...

5.3CVSS7.4AI score0.00806EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/05/27 8:56 a.m.2 views

Security update for unbound

This update for unbound fixes the following issues: Update to 1.22.0: CVE-2024-8508: Fixed unbounded name compression that could have led to a denial of service bsc1231284. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

6.9CVSS7.2AI score0.00806EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2025/05/27 12:0 a.m.12 views

unbound security update

1.16.2-18 - Prevent unbounded name compression CVE-2024-8508...

5.3CVSS7AI score0.00806EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:23 a.m.6 views

CVE-2024-26590

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format EROFS can select compression algorithms on a per-file basis, and each per-file compression algorithm needs to be marked in the on-disk superblock for initialization. However,...

5.5CVSS6.6AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:36 a.m.7 views

CVE-2023-44216

PVRIC PowerVR Image Compression on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately...

5.3CVSS6.9AI score0.01809EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:18 a.m.5 views

CVE-2023-30494

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.10 versions...

7.1CVSS5.8AI score0.00331EPSS
Exploits0References1
Citrix
Citrix
added 2025/05/23 12:0 a.m.16 views

Profile Management VHDX auto expansion doesn't work CompactVHDIterations set to 1

Citrix profile Manager is configured with profile containers with the entire profile contained in the container Profile container auto-expansion is enabled Profile container VHD compression is also enabled The number of logoffs to trigger VHD disk compaction is configured to 1 Under the above...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:52 p.m.15 views

CVE-2021-43304

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend, don’t exceed the destination buffer’s limits...

8.8CVSS7.1AI score0.01646EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:51 p.m.8 views

CVE-2021-42389

Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0...

6.5CVSS7.2AI score0.01239EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:51 p.m.8 views

CVE-2021-42388

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

8.1CVSS6.7AI score0.01549EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 6:50 p.m.13 views

CVE-2021-43305

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend, don’t exceed the destination buffer’s limits. This issu...

8.8CVSS6.9AI score0.01646EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.8 views

CVE-2021-42387

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl loop, a 16-bit unsigned user-supplied value 'offset' is read from the compressed data. The offset is later used in the length of a copy operation, without checking the...

8.1CVSS6.7AI score0.01549EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:25 p.m.4 views

CVE-2020-11166

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice ...

9.1CVSS9.3AI score0.00918EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:53 p.m.10 views

CVE-2020-9264

ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Information Field in a ZIP archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro macOS, Cyber Security macOS, Mobile Security for...

5.5CVSS6.9AI score0.0118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:44 p.m.7 views

CVE-2020-5933

On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger a...

7.8CVSS6.9AI score0.0105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 p.m.5 views

CVE-2020-29384

An issue was discovered in PNGOUT 2020-01-15. When compressing a crafted PNG file, it encounters an integer overflow...

5.5CVSS6.9AI score0.0104EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 8:35 a.m.7 views

CVE-2019-25072

Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...

7.5CVSS6.6AI score0.01134EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 a.m.12 views

CVE-2018-20994

An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled...

7.5CVSS6.9AI score0.01411EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:32 a.m.9 views

CVE-2010-2328

The HTTP Channel in IBM WebSphere Application Server WAS 7.0 before 7.0.0.11 allows remote attackers to cause a denial of service NullPointerException via a large amount of chunked data that uses gzip compression...

5CVSS6.7AI score0.01105EPSS
Exploits1References1
Rows per page
Query Builder