Lucene search
K

132 matches found

RedhatCVE
RedhatCVE
added 2020/03/31 8:39 a.m.45 views

CVE-2020-10531

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

8.8CVSS3.8AI score0.02669EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2020/03/17 12:54 p.m.102 views

USN-4305-1: ICU vulnerability

André Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code...

8.8CVSS8AI score0.02669EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2020/03/12 7:15 p.m.43 views

CVE-2020-10531

An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp...

8.8CVSS6.9AI score0.02669EPSS
Exploits0References4
CVE
CVE
added 2020/03/12 6:9 p.m.838 views

CVE-2020-10531

ICU for C/C++ up to version 66.1 is affected by CVE-2020-10531: an integer overflow in UnicodeString::doAppend() in common/unistr.cpp can cause a heap-based buffer overflow. Public disclosures and vendor advisories (e.g., ALAS2-2020-1418/ALSA-2020:1317, CESA/DSA advisories) reference this vulnera...

8.8CVSS8.7AI score0.02669EPSS
Exploits0References18Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-1453)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.05459EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/08/28 8:29 p.m.40 views

CVE-2017-15396

A stack buffer overflow in NumberingSystem in International Components for Unicode ICU for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS7.2AI score0.02203EPSS
Exploits0References2
Prion
Prion
added 2018/08/28 8:29 p.m.27 views

Stack overflow

A stack buffer overflow in NumberingSystem in International Components for Unicode ICU for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

4.3CVSS7.2AI score0.02203EPSS
Exploits0References7Affected Software6
Cvelist
Cvelist
added 2018/08/28 8:0 p.m.31 views

CVE-2017-15396

A stack buffer overflow in NumberingSystem in International Components for Unicode ICU for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

7.4AI score0.02203EPSS
Exploits0References7
CVE
CVE
added 2018/08/28 7:0 p.m.262 views

CVE-2017-15422

ICU vulnerability CVE-2017-15422: An integer overflow in ICU’s international date handling (ICU for C/C++) enables out-of-bounds memory reads via crafted HTML. Affected: ICU before 60.1; used in Google Chrome’s V8 (pre-63.0.3239.84) and other products. Impact per sources: potential memory disclos...

6.5CVSS7AI score0.02479EPSS
Exploits0References6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:18 p.m.27 views

Security Bulletin: IBM Content Collector for Emails,IBM Content Collector for File Systems, IBM Content Collector for SharePoint and IBM Content Collector for IBM Connections affected by vulnerabilities in International Components for Unicode library

Summary IBM Content Collector for Emails,IBM Content Collector for File Systems,IBM Content Collector for SharePoint and Content Collector for IBM Connections is affected by following vulnerabilities present in the International Components for Unicode ICU library. ICU is vulnerable to a stack-bas...

9.8CVSS1.1AI score0.05798EPSS
Exploits1Affected Software1
UbuntuCve
UbuntuCve
added 2017/12/07 12:0 a.m.36 views

CVE-2017-15422

Integer overflow in international date handling in International Components for Unicode ICU for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

6.5CVSS7AI score0.02479EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/11/08 1:20 p.m.25 views

CVE-2017-14952

Double free in i18n/zonemeta.cpp in International Components for Unicode ICU for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue...

9.8CVSS7.9AI score0.05096EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2017/10/27 12:28 p.m.32 views

Google Patches ‘High Severity’ Browser Bug

UPDATE Google is urging users to update their Chrome desktop browsers to avoid security issues related to a high-severity stack-based buffer overflow vulnerability. Google issued the alert Thursday and said an update for most browsers has been released. “The stable channel has been updated to...

4.3CVSS8.2AI score0.05245EPSS
Exploits5References8
CVE
CVE
added 2017/10/16 4:0 p.m.174 views

CVE-2017-14952

ICU (ICU4C) for C/C++ up to 59.1 contains a double-free in i18n/zonemeta.cpp (CVE-2017-14952), enabling remote arbitrary code execution via a crafted string. IBM/Db2 and IBM i advisories reference this CVE among ICU-related flaws; remediation involves applying the ICU fix release as indicated by ...

9.8CVSS9.5AI score0.05096EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2017/10/16 4:0 p.m.27 views

CVE-2017-14952

Double free in i18n/zonemeta.cpp in International Components for Unicode ICU for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector entry clean up function call" issue...

9.8CVSS9.8AI score0.05096EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/09/01 12:0 a.m.48 views

SUSE SLED12 / SLES12 Security Update : icu (SUSE-SU-2017:2318-1)

icu was updated to fix two security issues. These security issues were fixed : - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode ICU used an integer data type that is...

7.5CVSS7.6AI score0.2447EPSS
Exploits4References6
OSV
OSV
added 2017/07/17 1:18 p.m.21 views

CVE-2017-11362

In PHP 7.x before 7.0.21 and 7.1.x before 7.1.7, ext/intl/msgformat/msgformatparse.c does not restrict the locale length, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact within International...

9.8CVSS8.1AI score
Exploits0References5
OSV
OSV
added 2017/04/24 6:59 a.m.14 views

CVE-2014-9654

The Regular Expressions package in International Components for Unicode ICU for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of...

9.8CVSS9.8AI score
Exploits0References13
UbuntuCve
UbuntuCve
added 2017/04/14 12:0 a.m.38 views

CVE-2017-7867

International Components for Unicode ICU for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utextsetNativeIndex function...

7.5CVSS7.3AI score0.0463EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/04/14 12:0 a.m.29 views

CVE-2017-7868

International Components for Unicode ICU for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utextmoveIndex32 function...

7.5CVSS7.3AI score0.04449EPSS
Exploits0References3
Rows per page
Query Builder