CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

333 matches found

SUSE CVE•added 2023/02/15 5:51 a.m.•3 views

SUSE CVE-2011-2896

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gifreadlzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte functio...

5.1CVSS7.9AI score0.07216EPSS

Exploits0References10

SUSE CVE•added 2023/02/15 5:27 a.m.•1 views

SUSE CVE-2014-4608

Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service memory corruption via a crafted Literal Run. NOTE: the author of the LZO...

7.5CVSS6.4AI score0.08604EPSS

Exploits0References14

SUSE CVE•added 2023/02/15 4:5 a.m.•1 views

SUSE CVE-2019-20925

An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13; MongoDB...

7.5CVSS6.8AI score0.00478EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:40 a.m.•1 views

SUSE CVE-2021-32781

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However when local response is generated due the intern...

8.6CVSS7.9AI score0.00073EPSS

Exploits0References3

Snyk•added 2022/11/02 2:24 p.m.•2 views

Unchecked Input for Loop Condition

Overview apple/swift-nio-extras is an useful code around SwiftNIO. Affected versions of this package are vulnerable to Unchecked Input for Loop Condition. SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects...

7.5CVSS7.1AI score0.00334EPSS

Exploits0References2

CNNVD•added 2022/09/28 12:0 a.m.•2 views

PHP 安全漏洞

PHP is a scripting language that executes on the server side. A denial of service vulnerability exists in PHP versions prior to 7.4.31, 8.0.0 and later, 8.0.24 and earlier, and 8.1.0 and later, and 8.1.11 and earlier, which stems from the fact that the phar decompressor code recursively...

5.5CVSS6.6AI score0.00014EPSS

Exploits0References18

CNNVD•added 2022/06/09 12:0 a.m.•0 views

Envoy 安全漏洞

Envoy is an open source distributed proxy server. security vulnerability exists in versions prior to Envoy 1.22.1, which stems from secompressors accumulating decompressed data into an intermediate buffer before overwriting the body in decode/encodeBody, which can be exploited by attackers to...

7.5CVSS5.9AI score0.00076EPSS

Exploits1References10

CNNVD•added 2022/04/14 12:0 a.m.•3 views

AT&T Labs Xmill 缓冲区错误漏洞

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs. A buffer error vulnerability exists in AT&T Labs' Compressor XMilI and decompressor XDemill, which could be exploited by an attacker to cause code execution with elevated privileges on an engineering workstation. T...

9.8CVSS8.4AI score0.06696EPSS

Exploits0References5

OpenVAS•added 2022/03/05 12:0 a.m.•21 views

SUSE: Security Advisory (SUSE-SU-2022:0730-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.3AI score0.05612EPSS

Exploits0References18

Tenable Nessus•added 2022/01/25 12:0 a.m.•44 views

RHEL 8 : java-11-openjdk (RHSA-2022:0233)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0233 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

5.3CVSS6.5AI score0.05612EPSS

Exploits0References33

RedHat Linux•added 2022/01/24 1:3 p.m.•2 views

OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS7.4AI score0.01201EPSS

Exploits0References4

RedHat Linux•added 2022/01/24 1:2 p.m.•3 views

OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)

5.3CVSS7.4AI score0.01201EPSS

Exploits0References4

RedHat Linux•added 2022/01/24 11:39 a.m.•3 views

OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)

5.3CVSS7.4AI score0.01201EPSS

Exploits0References4

RedHat Linux•added 2022/01/24 11:39 a.m.•4 views

OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096)