Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb

CVE-2025-14847-mongobleed CVE-2025-14847 mongobleed python fil...

Photon OS 5.0: Zlib PHSA-2026-5.0-0874

An update of the zlib package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0874. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EulerOS 2.0 SP11 : zlib (EulerOS-SA-2026-2270)

According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no...

EulerOS 2.0 SP11 : zlib (EulerOS-SA-2026-2233)

According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no...

Important: ruby3.4

Issue Overview: zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously...

Amazon Linux 2023 : ruby3.4, ruby3.4-bundled-gems, ruby3.4-default-gems (ALAS2023-2026-1807)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1807 advisory. zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader...

EulerOS Virtualization 2.13.1 : zlib (EulerOS-SA-2026-2155)

According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop th...

EulerOS Virtualization 2.12.1 : zlib (EulerOS-SA-2026-2092)

According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop th...

EulerOS Virtualization 2.13.0 : zlib (EulerOS-SA-2026-2194)

According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop th...

EulerOS Virtualization 2.12.0 : zlib (EulerOS-SA-2026-2117)

According to the versions of the zlib package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop th...

OESA-2026-2491 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

UBUNTU-CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

EUVD-2026-32525

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...

ROS-20260524-73-0038

A vulnerability in the crc32combine64 and crc32combinegen64 functions of the open source lossless data compression library zlib is related to the fact that the x2nmodp function can perform right shifts in a loop without a termination condition. Exploitation of the vulnerability could allow an...

ROS-20260524-73-0039

Vulnerability in perl-Compress-Raw-Zlib related to incorrect input of configuration data. The vulnerability can be exploited remotely...

Security Bulletin: IBM i is Affected by an Improper Validation Vulnerability in zlib [CVE-2026-27171]

Summary Zlib for IBM i is vulnerable to increased CPU consumption when using functions crc32combine64 and crc32combine64gen64 CVE-2026-27171 as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2026-27171 DESCRIPTION: zlib before 1.3.2 allows CPU consumption via...

Fedora 42 : mysql8.4 (2026-a4e0e8211d)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a4e0e8211d advisory. MySQL 8.4.9 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC...

Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite during MKV demuxing using Zlib decompression. Integer overflow occurs in the matroskademux element within the gstmatroskadecompressdata function, which can cause a segfault—or potentially a heap overwrite, depending on the libc and operating system. Depending on the...

Astra Linux - уязвимость в gst-plugins-good1.0

DOS: Potential heap overwrite in qtdemux using zlib decompression. Integer overflow in the qtdemux element within the qtdemuxinflate function can lead to a segfault, or it may cause a heap overwrite, depending on the libc and operating system. Depending on the libc used and the underlying operati...

Fedora 44 : mysql8.0 (2026-1704f705ab)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1704f705ab advisory. MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC...