17 matches found
Exploit for CVE-2025-14847
CVE-2025-14847 CVE-2025-14847 Vulnerability Environment with a...
EulerOS Virtualization 2.11.0 : rsync (EulerOS-SA-2023-2099)
According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
EulerOS Virtualization 2.10.0 : binutils (EulerOS-SA-2023-1915)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
EulerOS 2.0 SP11 : rsync (EulerOS-SA-2023-1416)
According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 Note that...
EulerOS 2.0 SP10 : rsync (EulerOS-SA-2023-1398)
According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 Note that...
Huawei EulerOS: Security Advisory for rsync (EulerOS-SA-2023-1111)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : mariadb-connector-c (EulerOS-SA-2022-2937)
According to the versions of the mariadb-connector-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
USN-5573-1 rsync vulnerability
Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code...
CLSA-2022-1658171690 Fixed CVE-2016-10012 in openssh
CVE-2016-10012: re-remove pre-authentication compression and potentially unsecure shared memory manager used by zlib - Move not yet valid timestamps for certs to 2030-2040 range, make sure all tests are passed and add %check unset DISPLAY section...
CLSA-2022-1658171011 Fixed CVE-2016-10012 in openssh
CVE-2016-10012: re-remove pre-authentication compression and potentially unsecure shared memory manager used by zlib - Move not yet valid timestamps for certs to 2030-2040 range, make sure all tests are passed and add %check unset DISPLAY section...
Out-of-bounds Write
Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Out-of-bounds Write via the zlib dependency which allows memory corruption when deflating if the input has many distant matches. Remediation Upgrade nokogiri to version 1.13.4 or...
SUSE-SU-2022:1062-1 Security update for zlib
This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate bsc1197459...
OPENSUSE-SU-2022:1061-1 Security update for zlib
This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate bsc1197459...
CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...
QEMU: vnc: memory leakage upon disconnect
A memory leakage flaw was found in the way the VNC display driver of QEMU handled the connection disconnect when ZRLE and Tight encoding are enabled. Two VncState objects are created, and one allocates memory for the Zlib's data object. This allocated memory is not freed upon disconnection,...
security flaw
The zlibinflate function in Linux kernel 2.6.x allows local users to cause a denial of service crash via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs...
Debian DSA-122-1 : zlib - malloc error (double free)
The compression library zlib has a flaw in which it attempts to free memory more than once under certain conditions. This can possibly be exploited to run arbitrary code in a program that includes zlib. If a network application running as root is linked to zlib, this could potentially lead to a...