CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-49969 WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression zara-4 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zara 4 Image Compression: from n/a through = 1.2.17.2...

CVE-2025-49969 WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Zara 4 Zara 4 Image Compression allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zara 4 Image Compression: from n/a through 1.2.17.2...

CVE-2025-49969

CVE-2025-49969 concerns WordPress plugin Zara 4 Image Compression (versions ≤ 1.2.17.2). The issue is described as a Missing Authorization vulnerability (broken access control) that allows exploitation due to improperly configured access control levels. Public sources in the connected data indica...

WordPress plugin Zara 4 Image Compression 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-26337 · Unknown · Zara 4 Image Compression

Name of the Vulnerable Software and Affected Versions: Zara 4 Image Compression versions 1.2.17.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions...

WordPress Zara 4 Image Compression plugin <= 1.2.17.2 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Mika in WordPress Plugin Zara 4 Image Compression versions = 1.2.17.2...

SUSE CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

DEBIAN-CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

UBUNTU-CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068 crypto: lzo - Fix compression buffer overrun

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068 crypto: lzo - Fix compression buffer overrun

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from crypto/lzo not checking for buffer overflows during compression...

Astra Linux – Vulnerability in unbound

Unbound versions up to and including 1.21.0 contain a vulnerability when handling replies with very large RRsets that it needs to perform name compression on. Malicious upstream responses with very large RRsets can cause Unbound to spend considerable time applying name compression to downstream...

The vulnerability of the LZ4_decompress_generic() function in the lib/lz4/lz4_decompress.c file, which is part of the lz4 compression module for Linux kernel, allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LZ4decompressgeneric function in the lib/lz4/lz4decompress.c module relates to the reutilization of previously freed memory in Linux kernel-based compression algorithms. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, an...

NewStart CGSL MAIN 7.02 : unbound Vulnerability (NS-SA-2025-0089)

The remote NewStart CGSL host, running version MAIN 7.02, has unbound packages installed that are affected by a vulnerability: - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression fo...

CVE-2025-30932

Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Compress for MainWP: from n/a through = 6.30.32...