3663 matches found
go-toolset:rhel8 security update
delve 1.24.1-1.0.1 - Disable DWARF compression which has issues (Alex Burmashev); golang 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106455; go-toolset 1.24.6-1 - Update to Go 1.24.6 fips-1 - Resolves: RHEL-106455...
Linux Distros Unpatched Vulnerability : CVE-2023-33953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gRPC contains a vulnerability in which hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Thr...
Malicious code in compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top (npm)
The package compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top was found to contain malicious code...
MAL-2025-17459 Malicious code in compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top (npm)
The package compress-img-and-upload-to-s3-securely-pretty-please-with-sugar-on-top was found to contain malicious code...
MAL-2025-40560 Malicious code in ynodejs_mod_gzip (npm)
The package ynodejs_mod_gzip was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2024-33847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode. f2fs image may b...
Linux Distros Unpatched Vulnerability : CVE-2025-38360
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Add more checks for DSC / HUBP ONO guarantees. WHY: For non-zero DSC instances it's possible that the HUBP domain required to drive it for...
Linux Distros Unpatched Vulnerability : CVE-2024-26590
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erofs: fix inconsistent per-file compression format. EROFS can select compression algorithms ...
crypto: lzo - Fix compression buffer overrun
...
Linux Distros Unpatched Vulnerability : CVE-2025-38068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: lzo - Fix compression buffer overrun. Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes th...
PT-2025-40877
Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 8.0. Description: The software is susceptible to an issue when decoding OpenEXR files that utilize DWAA or DWAB compression. Specifically, the length of run-length-encoded data is not validated during the decoding...
PT-2025-40878
Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 8.0. Description: An issue exists in decoding OpenEXR files that utilize DWAA or DWAB compression. The software implicitly assumes image height and width are divisible by 8. When this condition is not met, copy loops ca...
Resource-Efficient Automatic Software Vulnerability Assessment Via Knowledge Distillation and Particle Swarm Optimization
The increasing complexity of software systems has led to a surge in cybersecurity vulnerabilities, necessitating efficient and scalable solutions for vulnerability assessment. However, the deployment of large pre-trained models in real-world scenarios is hindered by their substantial computationa...
RLSA-2025:8421 Moderate: ghostscript security update
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fixes: Ghostscript: NPDL device: Compression buffer overflow (CVE-2025-27832). For more details...
lz4 security update
An update is available for lz4. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The lz4 packages provide support for LZ4, a very fast, lossless compression...
RLSA-2025:11035 Moderate: lz4 security update
The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limi...
SUSE CVE-2024-55628
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...
SUSE CVE-2025-38360
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees. WHY: For non-zero DSC instances it's possible that the HUBP domain required to drive it for sequential ONO ASICs isn't met, potentially causing the logic to the tile t...
Security update for boost
This update for boost fixes the following issues: CVE-2016-9840: Fixed out-of-bounds pointer arithmetic in zlib in beast (bsc1245936). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost. Usage: ./CVE-2020-0796.py servername. This script connects to the target host, and compresses the authentication request with a bad offset field set in the transformation header, causing the decompressor to buffer overflow and crash the target. This...