3256 matches found
CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability
In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...
CVE-2025-0332
CVE-2025-0332 affects Progress Telerik UI for WinForms. Prior to 2025 Q1 (2025.1.211), improper limitation of a target path enables path traversal when decompressing archive contents into a restricted directory. Impact involves potential exposure/manipulation of data (confidentiality, integrity, ...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompression memory corruption The rtime decompression routine does not fully check bounds during the entire decompression process. As a result, it may corrupt memory outside the decompression buffer if the...
DEBIAN-CVE-2025-21693
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...
Buffer Overflow
libcurl.so is vulnerable to a Buffer Overflow. The vulnerability is due to an attacker-controlled integer overflow due to the use of zlib when performing automatic gzip decompression with the CURLOPTACCEPTENCODING option, leading to a potential buffer overflow...
CVE-2025-0725
A flaw was found in libcurl. This vulnerability allows an attacker to trigger a buffer overflow via an integer overflow in zlib 1.2.0.3 or older when libcurl performs automatic gzip decompression. Mitigation Mitigation for this issue is either not available or the currently available options do n...
bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).
A data integrity error was found in the bzip2 User-space package functionality when decompressing. This issue occurs when a user decompresses a particular kind of .bz2 files. A local user could get unexpected results or corrupted data as result of decompressing these files...
SUSE CVE-2025-0725
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
CVE-2025-0725
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
ALPINE-CVE-2025-0725
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
AZL-56498 CVE-2025-0725 affecting package mysql for versions less than 8.0.42-1
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
DEBIAN-CVE-2025-0725
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
AZL-56471 CVE-2025-0725 affecting package mysql for versions less than 8.0.40-4
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
AZL-56504 CVE-2025-0725 affecting package curl for versions less than 8.11.1-3
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
CVE-2025-0725 gzip integer overflow
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
CVE-2025-0725 gzip integer overflow
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
CVE-2025-0725
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
gzip integer overflow
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
CURL-CVE-2025-0725 gzip integer overflow
When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow...
Moderate: Red Hat Security Advisory: bzip2 security update
An update for bzip2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...