Lucene search
K

14 matches found

CVE
CVE
added 2025/06/24 6:30 p.m.23 views

CVE-2025-5087

CVE-2025-5087 affects Kaleris NAVIS N4 ULC (Ultra Light Client). The connected documents describe an unsafe Java deserialization vulnerability and insecure transmission of zlib-compressed data over HTTP, enabling an attacker who can observe traffic between Ultra Light Clients and N4 servers to ex...

6CVSS7.1AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.3 views

PT-2025-26770 · Aleris +1 · Kaleris Navis N4 Ulc +1

Name of the Vulnerable Software and Affected Versions: Kaleris NAVIS N4 ULC Ultra Light Client affected versions not specified Description: The issue concerns insecure communication using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients...

6CVSS6.1AI score0.00213EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/03/14 8:21 p.m.9 views

CVE-2025-25293

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. Prior to versions 1.12.4 and 1.18.0, ruby-saml is susceptible to remote Denial of Service DoS with compressed SAML responses. ruby-saml uses zlib to decompress SAML responses in case they're compressed. It is...

8.7CVSS6.9AI score0.01359EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.11 views

SUSE: Security Advisory (SUSE-SU-2019:2668-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.1AI score0.63917EPSS
Exploits10References7
Tenable Nessus
Tenable Nessus
added 2019/10/16 12:0 a.m.38 views

SUSE SLES12 Security Update : sudo (SUSE-SU-2019:2668-1)

This update for sudo provides the following fix : Security issue fixed : CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers bsc1153674. Other issues fixed...

9CVSS7.6AI score0.63917EPSS
Exploits10References7
NVD
NVD
added 2011/01/19 12:0 p.m.15 views

CVE-2011-0015

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large compression factor...

5CVSS6.4AI score0.03105EPSS
Exploits0References12
Prion
Prion
added 2009/12/15 2:30 a.m.30 views

Design/Logic Flaw

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...

9.3CVSS7.5AI score0.81933EPSS
Exploits21References21Affected Software2
UbuntuCve
UbuntuCve
added 2009/12/15 2:30 a.m.38 views

CVE-2009-4324

Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...

9.3CVSS7.2AI score0.81933EPSS
Exploits21References2
UbuntuCve
UbuntuCve
added 2009/06/16 11:30 p.m.31 views

CVE-2009-1391

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service hang or crash via a crafted zlib compressed stream that triggers a...

6.8CVSS6AI score0.07441EPSS
Exploits2References2
Prion
Prion
added 2009/06/16 11:30 p.m.19 views

Heap overflow

Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service hang or crash via a crafted zlib compressed stream that triggers a...

6.8CVSS6.7AI score0.07441EPSS
Exploits2References18Affected Software1
OpenVAS
OpenVAS
added 2008/09/10 12:0 a.m.23 views

Wireshark Multiple Vulnerabilities - Sept-08 (Windows)

Check for vulnerable version of Wireshark/Ethereal OpenVAS Vulnerability Test $Id: secpodwiresharkmultvulnsept08win900212.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Wireshark Multiple Vulnerabilities - Sept-08 Windows Authors: Veerendra GG Copyright: Copyright C 2008 SecPod,...

10CVSS0.6AI score0.04036EPSS
Exploits0References3
NVD
NVD
added 2008/09/04 7:41 p.m.19 views

CVE-2008-3933

Wireshark formerly Ethereal 0.10.14 through 1.0.2 allows attackers to cause a denial of service crash via a packet with crafted zlib-compressed data that triggers an invalid read in the tvbuncompress function...

3.3CVSS6AI score0.00623EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2008/09/04 7:0 p.m.25 views

CVE-2008-3933

Wireshark formerly Ethereal 0.10.14 through 1.0.2 allows attackers to cause a denial of service crash via a packet with crafted zlib-compressed data that triggers an invalid read in the tvbuncompress function...

3.3CVSS4.5AI score0.00623EPSS
Exploits0
Cvelist
Cvelist
added 2008/09/04 7:0 p.m.26 views

CVE-2008-3933

Wireshark formerly Ethereal 0.10.14 through 1.0.2 allows attackers to cause a denial of service crash via a packet with crafted zlib-compressed data that triggers an invalid read in the tvbuncompress function...

5.9AI score0.00623EPSS
Exploits0References21
Rows per page
Query Builder