CVE-2021-29482 denial of service in github.com/ulikunitz/xz

xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicous input. The problem has been fixed in release v0.5.8. As a workaround users can limit the size o...

USN-4109-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain PGX files. An attacker could possibly use this issue to cause a denial of service or possibly remote code execution. CVE-2017-17480 It was discovered that OpenJPEG incorrectly handled certain files. An attacker could possibly use this...

edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function

REJECTED CVE A heap-based buffer overflow vulnerability exists in EDK II within the MakeTable function of BaseUefiDecompressLib.c, TianoCompress.c, and the UEFI specification. An authenticated attacker could exploit this flaw by supplying a crafted file, potentially leading to privilege escalatio...

Debian: Security Advisory (DSA-4013-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2005-2720

HAURI Anti-Virus products (ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, LiveCall) are affected by CVE-2005-2720 due to a stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) when scanning ACE archives. The flaw occurs with ACE archives that contain a file w...