Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the maxDictSize parameter when processing large RAR files. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted RAR archive that triggers...

rardecode: DoS risk due to unrestricted RAR dictionary sizes

rardecode versions = 2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...

DEBIAN-CVE-2025-11579

github.com/nwaples/rardecode versions =2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...

UBUNTU-CVE-2025-11579

github.com/nwaples/rardecode versions =2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...

CVE-2025-11579 DoS via Out Of Memory Crash

github.com/nwaples/rardecode versions =2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...

CVE-2025-11579

github.com/nwaples/rardecode versions =2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...

CVE-2025-11579

CVE-2025-11579 affects github.com/nwaples/rardecode, versions

rardecode 安全漏洞

rardecode is a golang package for reading RAR files by the individual developer Nicholas Waples. A security vulnerability exists in rardecode 2.1.1 and earlier versions, which stems from an unrestricted dictionary size, which allows an attacker to supply a specially crafted RAR file resulting in ...

PT-2025-41556

Name of the Vulnerable Software and Affected Versions rardecode versions 2.1.1 and earlier Description The software does not properly limit the dictionary size when processing RAR files. An attacker can exploit this by providing a specially crafted RAR file with a large dictionary size, leading t...

GHSA-JC7W-C686-C4V9 github.com/ulikunitz/xz leaks memory when decoding a corrupted multiple LZMA archives

Summary It is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA head...

iax2-brute NSE Script

Performs brute force password auditing against the Asterisk IAX2 protocol. Guessing fails when a large number of attempts is made due to the maxcallnumber limit default 2048. In case your getting "ERROR: Too many retries, aborted ..." after a while, this is most likely what's happening. In order ...