EUVD-2025-26149

Malicious code in bioql PyPI...

CVE-2025-58058 github.com/ulikunitz/xz leaks memory when decoding a corrupted multiple LZMA archives

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...

PT-2025-35145

Name of the Vulnerable Software and Affected Versions xz versions prior to 0.5.14 Description The xz package contains a flaw where data can be prepended to an LZMA-encoded byte stream without detection during header reading. This can lead to excessive memory consumption due to the allocation of a...

xz 安全漏洞

xz is a software application. It is used to support reading and writing xz compressed streams. A security vulnerability exists in xz versions prior to 0.5.14, which stems from insufficient detection of the header of LZMA-encoded byte streams and may lead to increased memory consumption...

Truehunter - Tool to detect TrueCrypt containers

The goal of Truehunter is to detect TrueCrypt containers using a fast and memory efficient approach. It was designed as a PoC some time ago as I couldn't find any open source tool with the same functionality. Installation Just use with Python 2.7, it does not need any additional libraries. usage:...

HTTP Header Detection

This module shows HTTP Headers returned by the scanned systems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Header Detection', 'Description' = %q This module shows HTTP Headers returne...