3256 matches found
UBUNTU-CVE-2024-56827
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opjdecompress utility. This can lead to an application crash or other undefined behavior...
SUSE CVE-2024-56827
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opjdecompress utility. This can lead to an application crash or other undefined behavior...
PT-2025-34389
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free UAF vulnerability within the f2fs file system compression functionality, specifically in the f2fs free dic function. The issue occurs when th...
PT-2025-49260
Name of the Vulnerable Software and Affected Versions urllib3 versions 1.24 through 2.5.9 Description urllib3 is a user-friendly HTTP client library for Python. In versions starting from 1.24 and prior to 2.6.0, the decompression chain had an unbounded number of links. This allowed a malicious...
PT-2025-49261
Name of the Vulnerable Software and Affected Versions urllib3 versions 1.0 through 2.5.16 Description urllib3 is a Python HTTP client library. Versions prior to 2.6.0 have an issue in the Streaming API where it improperly handles highly compressed data. The decompression logic can cause excessive...
bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).
A data integrity error was found in the bzip2 User-space package functionality when decompressing. This issue occurs when a user decompresses a particular kind of .bz2 files. A local user could get unexpected results or corrupted data as result of decompressing these files...
GHSA-X3F4-45XF-RJM7 `ruzstd` uninit and out-of-bounds memory reads
Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copybytesovershooting of up to 15 bytes. This may result in up to 15 bytes of memory contents being written into the decoded data wh...
Fedora: Security Advisory (FEDORA-2024-632b468c59)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
`ruzstd` uninit and out-of-bounds memory reads
Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copybytesovershooting of up to 15 bytes. This may result in up to 15 bytes of memory contents being written into the decoded data wh...
PT-2024-40946 · Ruzstd · Ruzstd
Name of the Vulnerable Software and Affected Versions: ruzstd affected versions not specified Description: The issue arises from miscalculations in the length of the allocated and init section of the internal RingBuffer in ruzstd. This leads to uninitialized or out-of-bounds reads in copy bytes...
7-Zip Zstandard Decompression Integer Underflow Vulnerability - Windows
7zip is prone to a zstandard decompression integer underflow vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Remote Code Execution (RCE)
7-Zip is vulnerable to remote code execution RCE. The vulnerability is due to improper validation of user-supplied data in the Zstandard decompression implementation, causing an integer underflow that allows attackers to execute arbitrary code in the context of the current process...
CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
DEBIAN-CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
UBUNTU-CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
CVE-2024-11477 7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
SUSE CVE-2024-11477
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
7-Zip 数字错误漏洞
7-Zip is a compression software from the 7-Zip open source. A numeric error vulnerability exists in 7-Zip that stems from improper validation of user-supplied data during the Zstandard decompression process, which could result in an integer overflow and execution of arbitrary code before writing ...