Lucene search
+L

19 matches found

cvelist
cvelist
added 2025/12/12 10:11 p.m.26 views

CVE-2025-67721 Aircompressor's Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via...

6.3CVSS0.00369EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2014-4538

Malicious code in bioql PyPI...

5CVSS6.9AI score0.08103EPSS
Exploits0References49
nessus
nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2014-4611

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the...

5CVSS8.1AI score0.08103EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/05/29 12:0 a.m.6 views

Aircompressor 安全漏洞

Aircompressor is an airlift open source library that ports the Snappy, LZO, LZ4 and Zstandard compression algorithms to Java. Aircompressor versions prior to 0.27 have a security vulnerability that stems from a decompressor that may crash the JVM and leak memory contents...

8.6CVSS6.7AI score0.00504EPSS
Exploits0References9
f5
f5
added 2023/02/21 6:13 p.m.34 views

K15513: LZ4 vulnerability CVE-2014-4611

Security Advisory Description Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial ...

5CVSS7.2AI score0.08103EPSS
Exploits0
susecve
susecve
added 2023/02/15 5:27 a.m.4 views

SUSE CVE-2014-4611

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

5CVSS7.4AI score0.08103EPSS
Exploits0References5
cnnvd
cnnvd
added 2022/12/27 12:0 a.m.7 views

LZ4 缓冲区错误漏洞

LZ4 is a lossless compression algorithm. A security vulnerability exists in LZ4 that stems from the use of a C API that is vulnerable to memory corruption. An attacker can exploit the vulnerability to execute arbitrary code...

9.8CVSS8.7AI score0.01058EPSS
Exploits0References5
openvas
openvas
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2014-0321)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.7AI score0.08103EPSS
Exploits0References5
osv
osv
added 2021/06/26 11:3 a.m.3 views

OESA-2021-1245 lz4 security update

LZ4 is lossless compression algorithm, providing compression speed 500 MB/s per core 0.15 Bytes/cycle. It features an extremely fast decoder, with speed in multiple GB/s per core 1 Byte/cycle. A high compression derivative, called LZ4HC, is available, trading customizable CPU time for compression...

9.8CVSS8.9AI score0.03216EPSS
Exploits0References2
mageia
mageia
added 2014/08/06 10:31 a.m.42 views

Updated eet packages fix security vulnerability

Integer overflow in the LZ4 algorithm implementation on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an AP...

5CVSS8AI score0.08103EPSS
Exploits0References3
osv
osv
added 2014/08/06 10:31 a.m.6 views

MGASA-2014-0321 Updated eet packages fix security vulnerability

Integer overflow in the LZ4 algorithm implementation on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an AP...

5CVSS7.2AI score0.08103EPSS
Exploits0References4
nvd
nvd
added 2014/07/03 4:22 a.m.17 views

CVE-2014-4611

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

5CVSS7.1AI score0.08103EPSS
Exploits0References31
osv
osv
added 2014/07/03 4:22 a.m.7 views

CVE-2014-4611

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

7.2AI score
Exploits0References34
prion
prion
added 2014/07/03 4:22 a.m.29 views

Integer overflow

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

5CVSS7.5AI score0.08103EPSS
Exploits0References31Affected Software1
debiancve
debiancve
added 2014/07/03 1:0 a.m.67 views

CVE-2014-4611

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

5CVSS7.2AI score0.08103EPSS
Exploits0
cvelist
cvelist
added 2014/07/03 1:0 a.m.42 views

CVE-2014-4611

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

6.8AI score0.08103EPSS
Exploits0References31
cve
cve
added 2014/07/03 1:0 a.m.114 views

CVE-2014-4611

CVE-2014-4611 concerns an integer overflow in the LZ4 implementation used in Yann Collet LZ4 prior to r118 and in the Linux kernel’s lz4_decompress.c (linux kernel before 3.15.2) on 32-bit platforms. A crafted Literal Run can trigger improper handling, enabling context-dependent attackers to caus...

5CVSS7.7AI score0.08103EPSS
In wildExploits0References31Affected Software1
attackerkb
attackerkb
added 2014/07/03 12:0 a.m.39 views

The LZO/LZ4 Integer Overflow Summary

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

5CVSS0.8AI score0.08103EPSS
Exploits0References9
ubuntucve
ubuntucve
added 2014/07/03 12:0 a.m.38 views

CVE-2014-4611

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service memory corruption o...

5CVSS7AI score0.08103EPSS
Exploits0References7
Rows per page
Query Builder