3202 matches found
CVE-2018-8784
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment that results in a memory corruption and probably even a remote code execution...
[SECURITY] Fedora 29 Update: suricata-4.0.6-1.fc29
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
[SECURITY] Fedora 27 Update: suricata-4.0.6-1.fc27
The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...
[SECURITY] Fedora 27 Update: libmspack-0.9.1-0.1.alpha.fc27
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 28 Update: libmspack-0.9.1-0.1.alpha.fc28
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
[SECURITY] Fedora 29 Update: libmspack-0.9.1-0.1.alpha.fc29
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
libmspack: off-by-one error in the TOLOWER() macro for CHM decompression
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...
[SECURITY] Fedora 28 Update: apache-commons-compress-1.16.1-2.fc28
The Apache Commons Compress library defines an API for working with ar, cpio, Unix dump, tar, zip, gzip, XZ, Pack200 and bzip2 files. In version 1.14 read-only support for Brotli decompression has been added, but it has been removed from this package...
CVE-2018-8413
A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows...
ALPINE-CVE-2018-16402
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice...
DEBIAN-CVE-2018-16402
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice...
CVE-2018-16402
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice...
UBUNTU-CVE-2018-16402
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice...
[SECURITY] Fedora 27 Update: libmspack-0.7-0.1.alpha.fc27
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
GHSA-8225-6CVR-8PQP superagent vulnerable to zip bomb attacks
Affected versions of superagent do not check the post-decompression size of ZIP compressed HTTP responses prior to decompressing. This results in the package being vulnerable to a ZIP bomb attack, where an extremely small ZIP file becomes many orders of magnitude larger when decompressed. This ma...
[SECURITY] Fedora 28 Update: libmspack-0.7-0.1.alpha.fc28
The purpose of libmspack is to provide both compression and decompression of some loosely related file formats used by Microsoft...
CVE-2018-14682
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...
Design/Logic Flaw
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...
ALPINE-CVE-2018-14682
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression...