[SECURITY] Fedora 42 Update: upx-5.0.0-1.fc42

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-1350)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the LoadArchiveFiles function in archive.go. An attacker can disrupt service by supplying an archive whose decompressed size is very large. Remediation Upgrade...

[SECURITY] Fedora 41 Update: upx-5.0.0-1.fc41

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

[SECURITY] Fedora 40 Update: upx-5.0.0-1.fc40

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

[SECURITY] Fedora 41 Update: suricata-7.0.10-1.fc41

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free when processing multiple threads in the workerdecoder function in streamdecodermt.c. An attacker can cause the input buffer to be freed while a worker-specific thread is still writing to it, triggering a crash. Note: The...

CVE-2024-45700

Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading t...

DEBIAN-CVE-2024-45700

Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading t...

UBUNTU-CVE-2024-45700

Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading t...

EulerOS 2.0 SP13 : curl (EulerOS-SA-2025-1313)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

EulerOS 2.0 SP13 : curl (EulerOS-SA-2025-1330)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When asked to use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-t...

Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow

An integer overflow in Nethermind Juno before v0.12.5 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...

PT-2025-13278 · Unknown · Nethermind +1

Name of the Vulnerable Software and Affected Versions: Nethermind Juno versions prior to 0.12.5 Description: The issue is caused by an integer overflow within the Sierra bytecode decompression logic in the "cairo-lang-starknet-classes" library. This allows remote attackers to trigger an infinite...

Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service DOS condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restorepreferences form. This leads to excessive memory consumption and potential system instability,...

GHSA-G8VQ-V3MG-7MRG Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service DOS condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restorepreferences form. This leads to excessive memory consumption and potential system instability,...

CVE-2025-30160

Redlib is an alternative private front-end to Reddit. A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service DOS condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restorepreferences form. This leads to excessive...

CVE-2025-30160 Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

Redlib is an alternative private front-end to Reddit. A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service DOS condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restorepreferences form. This leads to excessive...

CVE-2025-30160 Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

Redlib is an alternative private front-end to Reddit. A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service DOS condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restorepreferences form. This leads to excessive...

CVE-2025-30160 Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

Redlib is an alternative private front-end to Reddit. A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service DOS condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restorepreferences form. This leads to excessive...