UBUNTU-CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the...

EUVD-2015-4490

Malware in sbrugna...

TencentOS Server 2: zlib (TSSA-2023:0038)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0038 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

PT-2023-35664 · Git +1 · C-Blosc2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read, which occurs during the execution of the inflate function, specifically within the uncompress2 and...

PT-2023-17753 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a heap buffer overflow in the inflate function of inflate.c, which could lead to a local escalation of privilege without requiring additional execution...

zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

A security vulnerability was found in zlib. The flaw triggered a heap-based buffer in inflate in the inflate.c function via a large gzip header extra field. This flaw is only applicable in the call inflateGetHeader...

MGASA-2022-0328 Updated zlib packages fix security vulnerability

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

CLSA-2022-1660758906 Fixed CVE-2022-37434 in zlib

CVE-2022-37434: fix possible buffer overflow when getting a gzip header extra field with inflate...

GStreamer 输入验证错误漏洞

GStreamer is a set of frameworks for handling streaming media. A security vulnerability exists in GStreamer version 1.16.2, which originates from an integer overflow in the qtdemux element of the qtdemuxinflate function, resulting in a segmentation error that can be exploited by an attacker to...

Uninitialized Use Of State

zlib causes a use of uninitialized check value. The inflate does not handle the case when UPDATE is called with state-check as its first parameter, without a guarantee that this value has been initialized...

CVE-2017-6153

Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack...

CVE-2015-4470

Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CAB archive...

DEBIAN-CVE-2015-4470

Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CAB archive...

CVE-2015-4470

Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CAB archive...

UBUNTU-CVE-2015-4470

Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted CAB archive...

libpng: buffer overflow in png_inflate caused by invalid type conversions

Integer signedness error in the pnginflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file, a...

DEBIAN-CVE-2009-1391

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service hang or crash via a crafted zlib compressed stream that triggers a...

CVE-2009-1391

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service hang or crash via a crafted zlib compressed stream that triggers a...

VulnCheck KEV: CVE-2009-1391

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service hang or crash via a crafted zlib compressed stream that triggers a...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash. Remediation There is no fixed version for zlib...